SSO Tournai : TGT delivre bien un ticket, mais erreur d'authentification

×Principal pmarillonnet@ENTROUVERT.LOCAL could not be authenticated

doc.md

@@ -2656,6 +2656,44 @@ KERBEROS_KEEP_PASSWORD
 DONE
 
 
+https://technet.microsoft.com/en-us/library/cc759550%28v=ws.10%29.aspx
+
+Ajout d'une entrée DNS A record pour le serveur IdP
+
+On peut alors éditer le /etc/resolv.conf pour l'ajout du DNS tournant sur la VM windows 2012:
+nameserver 192.168.56.101
+
+
+PS C:\Users\Administrator> ping phyhost.entrouvert.local
+
+Pinging phyhost.entrouvert.local [192.168.56.1] with 32 bytes of data:
+Reply from 192.168.56.1: bytes=32 time<1ms TTL=64
+Reply from 192.168.56.1: bytes=32 time<1ms TTL=64
+Reply from 192.168.56.1: bytes=32 time<1ms TTL=64
+Reply from 192.168.56.1: bytes=32 time<1ms TTL=64
+
+Ping statistics for 192.168.56.1:
+    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
+    Approximate round trip times in milli-seconds:
+        Minimum = 0ms, Maximum = 0ms, Average = 0ms
+
+pb de DNS résolu
+maintenant :
+×Principal pmarillonnet@ENTROUVERT.LOCAL could not be authenticated
+
+$ klist
+Ticket cache: FILE:/tmp/krb5cc_1003
+Default principal: pmarillonnet@ENTROUVERT.LOCAL
+
+Valid starting       Expires              Service principal
+05/18/2017 11:01:38  05/18/2017 21:01:38  krbtgt/ENTROUVERT.LOCAL@ENTROUVERT.LOCAL
+    renew until 05/19/2017 11:01:35
+    05/18/2017 11:05:22  05/18/2017 21:01:38  HTTP/phyhost.entrouvert.local@
+        renew until 05/19/2017 11:01:35
+        05/18/2017 11:05:22  05/18/2017 21:01:38  HTTP/phyhost.entrouvert.local@ENTROUVERT.LOCAL
+            renew until 05/19/2017 11:01:35
+
+
 //CURRENT2
 
 ## Etude synchro brouillon