this drives me crazy! :-( Since one week I'm trying to get SSO work. I reinstall the whole Windows Server several times. I tried Windows Server 2008 R2 and Windows Server 2012. I installed them in a Virtual Box VM. I only installed Active Directoy (incl. DNS) and then I'm trying to get SSO work.
So I installed Openfire (3.7.x and also 3.8.x). I tried the included Java version of Openfire and also the latest version of Java.
I used this tutorial: http://community.igniterealtime.org/docs/DOC-1060
And also this one: http://community.igniterealtime.org/docs/DOC-1362
When I call: kinit xmpp/servername.mydomain@REALM -t -k xmpp.keytab I alway get the following error:
Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes
available; only have keys of following type: No error
KrbException: Do not have keys of types listed in default_tkt_enctypes available
; only have keys of following type:
at sun.security.krb5.internal.crypto.EType.getDefaults(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.build(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.send(Unknown Source)
at sun.security.krb5.KrbAsReqBuilder.action(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.<init>(Unknown Source)
at sun.security.krb5.internal.tools.Kinit.main(Unknown Source)
Why is no type listed in the error message?
If I open my xmpp.keytab with ktab it shows the xmpp principal, so the keytab file seems to be correct.
I don't know what to do know, because I can't find any solution for this error with Google, etc.
Well maybe the keytab does not include an etype Java recognizes. I think this might happen if it only includes an aes-256 key but your Java does not have the JCE Unlimited Strength Jurisdiction Policy Files installed.