Frequently encountered issues

When the spnego.bat script is run, various error messages may appear.

 

Message

  • “Some arguments are missing, please provide the correct arguments”.

OR

  • “Too many arguments, please provide the correct arguments”.

Solution

Check that the arguments <FW>, <dns>, <WINDOWS>, <password> and <file> are present.

Each of these arguments is necessary for running the script.

 

Message

"The file keytab_filename already exists, please choose another filename to output the keytab."

Solution

A keytab file with the provided name already exists in the folder in which the script is to be run. Rename this file.

 

Message

  • "The setspn program is not present on the system or is not in the path".

OR

  • "The ktpass program is not present on the system or is not in the path".

OR

  • "The reg program is not present on the system or is not in the path".

OR

  • "The ldifde program is not present on the system or is not in the path".

Solution

Check whether support tools or the path are present in the system.

 

Message

  • "This computer does not seems to be running Windows XXXX Server or Windows YYYY Server >> %log%".

OR

  • "This computer does not seem to be running a Server edition of Windows".

OR

  • "This script should only be run on a Windows Domain Controller which requires a Server edition of Windows".

Solution

Ensure that your version of Microsoft Windows is compatible with the running of the spnego.bat script.

 

Message

  • Creating the user returned an error, please check your arguments.

OR

  • It is possible that your password restrictions applied.

OR

  • Setting the principal name returned an error, please check your arguments.

OR

  • Creating the keytab file did not work, please check your arguments.

Solution

  • The user creation process has been disrupted. Check that the password complies with the security policy.
  • Check that the user running the script has sufficient privileges to create a new one.
  • Check that the user has sufficient privileges to create the service name.
  • Check that the user has sufficient privileges to create the keytab.