How to obtain a keytab for a Windows application server?
Jeffrey Altman
jaltman2 at nyc.rr.com
Fri Feb 13 10:15:38 EST 2004
"kadmin" is a KDC administration tool. KfW does not include "kadmin"
because KfW does not support the hosting of a KDC on Windows. "Kadmin"
is used to generate a keytab record from a principal stored within the
KDC database. After producing the keytab file on the machine hosting
the KDC, then you can securely move it to Windows and place it somewhere
that your KfW based application can find it.
Jeffrey Altman
KfW Maintainer
Colin Caughie wrote:
> Hi,
>
> I'm looking into using Kerberos (probably MIT) to add secure authentication
> to a distributed application involving both Windows and Linux hosts.
>
> What I can't figure out is: If I have a Windows based application server,
> how do I set up its keytab? The docs say that application servers' keytabs
> are set up by running kadmin on the machine hosting the server, but MIT
> Kerberos for Windows doesn't seem to include kadmin.
>
> Ideally I'd like to be able to automate the keytab generation as part of the
> installation process of the application server. If I could build the kadm5
> library for Windows, I could presumably just link to that and do the whole
> thing programmatically.
>
> Does anyone have any suggestions?
>
> Thanks in advance,
>
> Colin Caughie
>
>
More information about the Kerberos
mailing list