Creating a keytab for an AD user
ghudson at mit.edu
Sun Sep 23 13:13:45 EDT 2018
On 09/23/2018 11:05 AM, Markus Moeller wrote:
> Is that a known change (i.e. which AD attribute is used instead of the user id) and can ktutil addent get an option to set the salt ?
I do not know if Active Directory changed. On the MIT krb5 side, we
added a -salt option to ktutil addent in release 1.16. We also have an
unfinished feature to fetch the salt from the KDC; I can't say if and
when that work will be completed.
There is also a popular third-party tool called msktutil which may be
easier to use for this operation.
In the future, please use kerberos at mit.edu for operational questions
like this, not the development list.
More information about the krbdev