How to obtain a keytab for a Windows application server?

Peter Huang peter.huang at hp.com
Fri Feb 13 13:36:20 EST 2004


Have you look at samba 3.0 code?  There is enough to create the keytab (I
have done some work to get keytab from w2k KDC, so I know it is possible)

-peter huang

"Colin Caughie" <c.caughie at NOSPAMdial.pipex.com> wrote in message
news:402d0284$0$7072$ed9e5944 at reading.news.pipex.net...
> > "kadmin" is a KDC administration tool.  KfW does not include "kadmin"
> > because KfW does not support the hosting of a KDC on Windows.
>
> ...but the kadmin client can also be used to administer a remote KDC can
it
> not? So it would still be useful to have on Windows even if you can't have
a
> KDC on Windows. Especially given that (unless I'm mistaken) kadmin is the
> recommended way of securely getting a keytab onto an application server
> machine.
>
> (I think what I'm really after is the kadm5 library, not kadmin itself --
> I'm looking for a programmatic way of initialising the keytab on the
> application server).
>
> Cheers,
> Colin Caughie
>
>




More information about the Kerberos mailing list