My Oracle Support Banner

Requesting Kerberos TGT errors with okinit: Improper format of configuration file in (Doc ID 2311595.1)

Last updated on OCTOBER 03, 2017

Applies to:

Advanced Networking Option - Version and later
Information in this document applies to any platform.


 Requesting a kerberos TGT for a user fails with following error


[XXXX07543]/refresh/home> okinit -e 23 scott

Kerberos Utilities for Linux: Version - Production on 21-SEP-2017 14:24:06

Copyright (c) 1996, 2014 Oracle. All rights reserved.

Password for scott@XXXX.SAMPLE.COM:
okinit: Improper format of configuration file

 In this case kerberos authentication is configured for a user with Active Directory 2012 server and DB version is


The actual KRB5.CONF looks like below. Note that there are not white space around this file which in other way we require to be in a format as defined in the documentation


Krb.conf file actually defined


[root@XXXkerberos]# more krb5.conf


The OKINIT trace clear state that format of krb5.conf file is improper


### okinit trace shows the following ##

nauk5lx_get_krbhst: Returning 70: Improper format of configuration file
nauk5lx_get_krbhst: exit
snauk5l_sendto_kdc: Call to snauk5j_locate_kdc failed.
snauk5l_sendto_kdc: Returning 70: Improper format of configuration file


 The setup for Kerberos authentication is under initial stage of configuration


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.