SQL Developer

I'm trying to authenticate using Kerberos Authentication. Let's say the server is oracle.mydomain.com, and the kdc is kdc.sub.mydomain.com. Now, I have one machine that is joined to the sub.mydomain.com domain, and another machine which is on a totally different domain thatdomain.com.

Now, I use this as my krb5.ini file

[libdefaults]

default_realm = sub.mydomain.com

dns_lookup_kdc = true

dns_lookup_realm = true

[realms]

sub.mydomain.com = {

default_domain = sub.mydomain.com

kdc = kdc.sub.mydomain.com
}

and on the machine that is joined to the sub domain, it connects. If I use the same file for the other machine, I get "Status : Failure - Test failed: Peek timed out". Now I tried kinit on that machine "kinit testacct" and it properly gives me "Enter password for testacct@sub.mydomain.com" to which I enter the password and it gives me "New ticket is stored in cache file C:\Users\testacct\krb5cc_testacct", so that seems to be working, I just don't know why the SQL developer doesn't. Any ideas? Does the machine have to be joined to the domain in order to work with kerberos? FYI I have tried and I can ping the servers and telnet to the oracle server port, so it doesn't seem like a network issue...?

The machine that is connecting is on the same subnet and uses the same DNS servers, it is just joined to a different domain.

Edited by: 850630 on Apr 14, 2011 5:38 AM

Edited by: 850630 on Apr 14, 2011 5:39 AM