ktpass with principal name different than domain controller domain
Douglas E. Engert
deengert at anl.gov
Wed Feb 15 13:49:02 EST 2006
Celia Clark wrote:
> Hi,
>
> I am trying to do the following:
>
> ktpass -princ HTTP/user.domain.com at DOMAIN.COM mapuser user -pass password01.
>
> The command is run on a domain controller with a different domain than what
> is specified in the service name, e.g. DOMAIN2.COM.
>
> Is this possible?
It should work, if the two domains are in the same forest. The command is
run by the current user, so your user account would need authority in the
DOMAIN2.COM to add accounts.
The ktpass command does not have to run on a DC.
>
> Many thanks,
>
> Celia
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list