PostgreSQL Kerberos Authentication

From: HIRTZ Jorge Alberto TENARIS <jhirtz(at)tenaris(dot)com>
To: "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org>
Subject: PostgreSQL Kerberos Authentication
Date: 2018-01-30 16:13:47
Message-ID: C911CF65C193334EADACFA5AE9AB3D4DBBEF0FE4@SIDARWEX100.tenaris.techint.net
Lists: pgsql-general

Hello All,

I am trying to configure PostgreSQL 9.6 (on CentOS 7.4) with Kerberos (Active Directory) via GSSAPI authentication and I'm getting the following error:

[postgres(at)hostname data]$ psql -h hostname -U USERNAME(at)DOMAIN(dot)COM postgres
psql: GSSAPI continuation error: Unspecified GSS failure. Minor code may provide more information
GSSAPI continuation error: Server not found in Kerberos database

I did the following configuration:

1.- Create KeyTab in Active Directory:
ktpass -out postgres_instance.keytab -princ postgres/hostnamename(dot)domain(dot)com(at)DOMAIN(dot)COM -mapUser svcPostgres -pass <password> -crypto all -ptype KRB5_NT_PRINCIPAL

2.- Copy the keytab to Linux Server on $PGDATA and change the privileges to postgres:postgres
3.- Configure postgresql.conf
krb_server_keyfile = '/<INSTANCA_NAME>/data/postgres_instance.keytab'

4.- Configure /etc/krb5.conf

5.- Request a ticket to the KDC server using kinit (this works OK!)

[postgres(at)hostname ~]$ klist
Ticket cache: KEYRING:persistent:26:krb_ccache_AO0Y1kx
Default principal: USERNAME(at)DOMAIN(dot)COM

Valid starting       Expires              Service principal
01/30/2018 11:01:59  01/30/2018 21:01:59  krbtgt/DOMAIN(dot)COM(at)DOMAIN(dot)COM
        renew until 02/06/2018 11:01:55

6.- Configure pg_hba.conf
host all all 0.0.0.0/0 gss include_realm=1
7.- Create user in PG to test:
create user "USERNAME(at)DOMAIN(dot)COM" WITH SUPERUSER;

8.- Testing
[postgres(at)hostname data]$ psql -h hostname -U USERNAME(at)DOMAIN(dot)COM postgres
psql: GSSAPI continuation error: Unspecified GSS failure. Minor code may provide more information
GSSAPI continuation error: Server not found in Kerberos database

I tried generating the keytab with "postgres" and "POSTGRES" user as a SPN but I get the same error.

Any suggestion is welcome!

Thanks in advance for your help!

Jorge
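
A check that fits the setup described above, as an added example that is not part of the original post: it builds the service principal a libpq client requests (krbsrvname, default "postgres", plus the host given to psql -h) and compares it with the principals listed from the server keytab. The host names, realm, keytab path and klist listing are constructed placeholders.

```shell
#!/bin/sh
# Added example, not from the original post. All names are constructed.

# Constructed sample of `klist -k -t <keytab>` output (MIT Kerberos layout).
SAMPLE_KLIST='Keytab name: FILE:/pgdata/postgres_instance.keytab
KVNO Timestamp           Principal
---- ------------------- ------------------------------------------------------
   3 01/30/2018 10:55:12 postgres/db01.example.com@EXAMPLE.COM
   3 01/30/2018 10:55:12 postgres/db01.example.com@EXAMPLE.COM'

# expected_spn SERVICE HOST REALM
# Prints the principal the client asks the KDC for. HOST is the value passed
# to psql -h; the Kerberos library may canonicalize it through DNS first, so
# a short name is only equivalent to the FQDN if that resolution succeeds.
expected_spn() {
    printf '%s/%s@%s\n' "$1" "$2" "$3"
}

# keytab_principals: reads klist -k output on stdin, prints unique principals.
# Entry lines start with a numeric KVNO; the principal is the field with "@"
# (this also copes with the -t timestamp and -e enctype columns).
keytab_principals() {
    awk '$1 ~ /^[0-9]+$/ {
             for (i = 2; i <= NF; i++) if ($i ~ /@/) { print $i; break }
         }' | sort -u
}

# check_spn SPN KLIST_TEXT
# Prints "match", "case-mismatch" (same name, different case; keytab lookup
# on the server side is an exact string comparison) or "missing".
check_spn() {
    list=$(printf '%s\n' "$2" | keytab_principals)
    if printf '%s\n' "$list" | grep -qxF -- "$1"; then
        echo match
    elif printf '%s\n' "$list" | grep -qixF -- "$1"; then
        echo case-mismatch
    else
        echo missing
    fi
}

# Stand-alone demo: a short host name against a keytab issued for the FQDN.
spn=$(expected_spn postgres db01 EXAMPLE.COM)
echo "$spn: $(check_spn "$spn" "$SAMPLE_KLIST")"
```

On a real server, replace the sample text with the output of `klist -k` run against the file named in krb_server_keyfile.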
