ktexport - Export Kerberos Keys from Active Directory
Andrew Bartlett
abartlet at samba.org
Wed May 3 01:14:31 EDT 2006
On Tue, 2006-05-02 at 21:27 -0400, Michael B Allen wrote:
> I have modified pwdump2 [1] to export a "standard" kerberos keytab
> file. This utility is called ktexport and you can download it here:
>
> http://www.ioplex.com/utilities/
>
> README.ktexport is inlined below but I just want to stress that currently
> the key is the only data within each entry that is actually correct. The
> vno and so on are default values that are almost certainly wrong. However,
> it turns out that Ethereal doesn't care. So the generated sam.keytab
> can be used with Ethereal to decrypt Kerberos tickets. Yeah!
The other similar utility is samba4's 'net samdump keytab'. This does
the same thing, for the same purpose, but remotely. You must join the
domain as a BDC first (net join bdc <domain>).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20060503/3b61c468/attachment.bin
More information about the Kerberos
mailing list