Hi, My Kerberos Setup is as follows- Kerberos v5 Server- example.domain.com (Linux Box) Kerberos Realm- EXAMPLE.COM Registered User on Kerberos realm- test@EXAMPLE.COM Apache Server(with mod_auth_kerb) can be accessed as: http://apache.domain.com (Linux Box) Now I have added a principal name- HTTP/apache.domain.com@EXAMPLE.COM using the addprinc command. I have generated a keytab file for this principal (using ktadd) and then transferred it to the Apache Server(apache.domain.com). I have pointed to this keytab file in ..htaccess file. Now when I try to access APACHE.DOMAIN.COM:80 through a browser(IE) running on my desktop say CLIENT1.DOMAIN.COM, and give the proper user credentials...it doesnt authenticate. When I look this up in the Kerberos log file (krb5kdc.log) it gives the following messages...for the event- Jul 08 18:52:34 example.domain.com krb5kdc[9797](info): AS_REQ (6 etypes {18 16 23 1 3 2}) 192.168.200.27: ISSUE: authtime 1089292954, etypes {rep=16 tkt=16 ses=16}, test@EXAMPLE.COM for krbtgt/EXAMPLE.COM@EXAMPLE.COM Jul 08 18:52:34 example.domain.com krb5kdc[9797](info): TGS_REQ (6 etypes {18 16 23 1 3 2}) 192.168.200.27: UNKNOWN_SERVER: authtime 1089292954, test@EXAMPLE.COM for krbtgt/REALM1.COM@EXAMPLE.COM, Server not found in Kerberos database Jul 08 18:52:34 example.domain.com krb5kdc[9797](info): TGS_REQ (6 etypes {18 16 23 1 3 2}) 192.168.200.27: UNKNOWN_SERVER: authtime 1089292954, test@EXAMPLE.COM for krbtgt/COM@EXAMPLE.COM, Server not found in Kerberos database In the above data- 1. test@EXAMPLE.COM is the registered user. 2. 192.168.200.27(apache.domain.com) is the Apache server machine which is the registered to the KDC as an service principal (HTTP/apache.domain.com@EXAMPLE.COM) 3. The client machine (CLIENT1.DOMAIN.COM) running Internet Explorer is not getting logged into kerberose log. The client is running Windows 2000. 4. The htaccess has the following details: AuthName "Kerberos Login" AuthType Kerberos Krb5Keytab /usr/krb5/Apache2/apache.keytab KrbServiceName HTTP KrbAuthRealm EXAMPLE.COM KrbMethodNegotiate on KrbAuthoritative on KrbSaveCredentials off KrbVerifyKDC on Require valid-user Can anyone please throw some light on this...