Problem using ktpass under Windows 2003
"Florian Preuß"
florian-preuss at gmx.net
Mon Jan 31 11:44:42 EST 2005
I found the problem,
I was using Heimdal Kerberos instead of MIT.
THX for help!
> Normally the ktpass is only used for service accounts like
> for a host, -princ host/myworkstation.test.net at TESY.NET
> not for a user, as this would reset the user password.
>
> Florian Preuß wrote:
> > Hi,
> >
> > I have a problem generating a keytab file using ktpass.
> >
> > The command I use:
> > ktpass -princ replic at TEST.NET -mapuser replic -pass password -out
> > krb5.keytab
> >
> > The error message:
> > Targeting domain controller: domainc.test.net
> > Failed to set property "servicePrincipalName" to "TEST" on Dn
> > "CN=test,OU=Servic
> > es,OU=Test,DC=test,DC=net": 0x13.
> > WARNING: Unable to set SPN mapping data.
> > If test already has an SPN mapping installed for TEST, this is no
> cause
> > for concern.
> > Key created.
> > Output keytab to krb5.keytab:
> > Keytab version: 0x502
> > keysize 44 TEST at TEST.NET ptype 1 (KRB5_NT_PRINCIPAL) vno 4 etype 0x3
> (DES-C
>
> You must have run this before, as it is upto kvno 4, and it may have set
> the SPN
> >from some previous attempt. Did you use the user TEST the first time you
> run this?
>
>
> > BC-MD5) keylength 8 (0xda686262b5cb760b)
> > Account test has been set for DES-only encryption.
> >
>
> --
>
> Douglas E. Engert <DEEngert at anl.gov>
> Argonne National Laboratory
> 9700 South Cass Avenue
> Argonne, Illinois 60439
> (630) 252-5444
>
--
GMX im TV ... Die Gedanken sind frei ... Schon gesehen?
Jetzt Spot online ansehen: http://www.gmx.net/de/go/tv-spot
More information about the Kerberos
mailing list