KVNO/Keytab Question
Jeffrey Altman
jaltman at secure-endpoints.com
Tue Dec 2 10:44:45 EST 2008
kevin.doran at accenture.com wrote:
> Hi Douglas, thanks for you response.
>
> ktpass was used to create the keytab. The KDC is maintained by our
> local service unit.
>
> We're really scratching our heads at the moment, it seems that each
> time we create a new keytab file shortly afterwards the KVNO in the
> client ticket changes. I've no idea why they are out of sync. What
> changes etc could cause the KVNO to increment on the KDC?
>
> Thanks
>
> Kev
>
Everytime you generate a new keytab with ktpass the key is replaced in
the KDC.
Generate the keytab once with ktpass and then distribute it to your
service ASAP.
Jeffrey Altman
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20081202/b4b52354/attachment.bin
More information about the Kerberos
mailing list