2 Apache instances running with different Service Account

Hi all,

I;m having trouble with on of 2 Apache instances. The VHOST seems to take well the HTTP.keytab and Server Principal configuration at the startup of the Apache Service.

But when the first web request, it seems like it's not accepting the HTTP.keytab location defined at the beginning and it's trying to look on default location.

I'm using the AuthVasKeytabFile directive for defining the location of the file.

[Thu Sep 19 11:05:17 2013] [debug] mod_auth_vas.c(2312): [client 1.1.1.1] [mod_auth_vas] auth_vas_check_user_id: auth_type=VAS

[Thu Sep 19 11:05:17 2013] [debug] mod_auth_vas.c(2342): [client 1.1.1.1] [mod_auth_vas] sending initial negotiate headers

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2312): [client 1.1.1.1] [mod_auth_vas] auth_vas_check_user_id: auth_type=VAS

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2359): [client 1.1.1.1] [mod_auth_vas] Got: 'Authorization: Negotiate [...]'

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1457): [client 1.1.1.1] [mod_auth_vas] do_gss_spnego_accept: line='YIIIUQYGKwYBBQUCoIIIRTCCCEGgMDAu...'

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1469): [client 1.1.1.1] [mod_auth_vas] do_gss_spnego_accept: server keytab: /nfs/path/HTTP.keytab

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1470): [client 1.1.1.1] [mod_auth_vas] do_gss_spnego_accept: server principal: HTTP/myhost.com

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1416): [client 1.1.1.1] [mod_auth_vas] rnote_get: creating rnote

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1498): [client 1.1.1.1] [mod_auth_vas] calling vas_gss_spnego_accept, base64 token_size=2844

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1513): [client 1.1.1.1] [mod_auth_vas] do_gss_spnego_accept: server keytab /nfs/path/HTTP.keytab

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1367): [client 1.1.1.1] [mod_auth_vas] initialize_user

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1395): [client 1.1.1.1] [mod_auth_vas] initialize_user: Remote user principal name is user@mydomain.com

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2922): [client 1.1.1.1] [mod_auth_vas] set_remote_user: setting REMOTE_USER for user@mydomain.com

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2936): [client 1.1.1.1] [mod_auth_vas] set_remote_user: setting REMOTE_USER variable using ldap-attr sAMAccountName name mapping

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(492): [client 1.1.1.1] [mod_auth_vas] set_user_obj

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2655): [client 1.1.1.1] [mod_auth_vas] set_remote_user_attr: Using VAS cache for lookup of sAMAccountName attribute

[Thu Sep 19 11:05:18 2013] [info] [client 1.1.1.1] [mod_auth_vas] Remote user set from user@mydomain.com to user (attribute sAMAccountName)

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(2944): [client 1.1.1.1] [mod_auth_vas] set_remote_user: Mapped user to juancgox using ldap-attr sAMAccountName name mapping

[Thu Sep 19 11:05:18 2013] [error] [client 1.1.1.1] [mod_auth_vas] do_gss_spnego_accept: auth_vas_user_use_gss_result failed: VAS_ERR_CRED_NEEDED: Unable to find a keytab entry in /etc/opt/quest/vas/HTTP.keytabfor HTTP/myhost.com

[Thu Sep 19 11:05:18 2013] [error] [client 1.1.1.1] [mod_auth_vas] auth_vas_user_use_gss_result: unknown routine error

[Thu Sep 19 11:05:18 2013] [error] [client 1.1.1.1] [mod_auth_vas] auth_vas_user_use_gss_result: Success

[Thu Sep 19 11:05:18 2013] [debug] mod_auth_vas.c(1339): [client 1.1.1.1] [mod_auth_vas] auth_vas_cleanup_request

Thanks in advance for your help,

Regards,

Obed N Munoz