JGSS GSSName.NT_HOSTBASED_SERVICE not working for kerberos service keytab

Question

I am testing the JGSS sample on my local domain but have a problem with hostbased service. Below is the setup:

1. obtain a keytab generated from command ktpass -princ myservice/[email protected] -mapuser [email protected] -crypto RC4-HMAC-NT -ptype KRB5_NT_PRINCILAL -pass krbpass -out myservice-host.keytab

2. system admin run setspn -S myservice/host.my.example.com krbsrv to set SPN for active directory.

3. from GssClient.java create the serverprincipal by:

   GSSName serverName = manager.createName(serverPrinc, GSSName.NT_HOSTBASED_SERVICE);
   

   this will result in java.security.PrivilegedActionException: GSSException: No valid credentials provided (Mechanism level: Server not found in Kerberos database (7)) exception.

4. but if I call createName() with GSSName.NT_USER_NAME there will be no error.

5. I have asked system admin and verified no duplicate for setspn -L krbsrv and setspln-X myservice/host.my.example.com.

So would there be anything I have messed up? The server is running on Solaris and client is running on Windows, both on Java 6u27.

Advice is greatly appreciated.