Date: Thu, 16 Jul 2015 09:12:44 +0200 (CEST) From: Raimund Sacherer <rs@logitravel.com> To: greg <greg@mail.gregs-garage.com> Cc: freebsd-questions@freebsd.org Subject: Re: Kerberos Message-ID: <1383995814.37100404.1437030764957.JavaMail.zimbra@logitravel.com> In-Reply-To: <75d664eeb361264e9b4560a89b1a32bf@mail.gregs-garage.com> References: <75d664eeb361264e9b4560a89b1a32bf@mail.gregs-garage.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Greg, > C:\Windows\system32>ktpass -princ HTTP/ad01.example.local@EXAMPLE.LOCAL > -mapuser aduser -pass P@$$word -ptype KRB5_NT_PRINCIPAL -out > :\temp\krb5.keytab For what its worth, we have a couple of servers authenticating against an 2012 domain and we create the key tab file like this: setspn -A HTTP/service.host.name windowsusername ktpass -out key.tab -princ HTTP/service.host.name@EXAMPLE.LOCAL -mapUser windowsuser -mapOp set -pass password -crypto RC4-HMAC-NT -pType KRB5_NT_PRINCIPAL At times we have instead of RC4-HMAC-NT set ALL. Hope this helps, best
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1383995814.37100404.1437030764957.JavaMail.zimbra>