Creating a keytab for an AD user
speidy at gmail.com
Sun Sep 23 15:37:27 EDT 2018
Microsoft’s utility called ‘ktpass’ and it fetches the salt from KDC.
בתאריך יום א׳, 23 בספט׳ 2018 ב-20:14 מאת Greg Hudson <ghudson at mit.edu>:
> On 09/23/2018 11:05 AM, Markus Moeller wrote:
> > Is that a known change (i.e. which AD attribute is used instead of
> the user id) and can ktutil addent get an option to set the salt ?
> I do not know if Active Directory changed. On the MIT krb5 side, we
> added a -salt option to ktutil addent in release 1.16. We also have an
> unfinished feature to fetch the salt from the KDC; I can't say if and
> when that work will be completed.
> There is also a popular third-party tool called msktutil which may be
> easier to use for this operation.
> In the future, please use kerberos at mit.edu for operational questions
> like this, not the development list.
> krbdev mailing list krbdev at mit.edu
GPG FP: 8108 7EC9 806E 4980 75F2 72B3 8AD3 2D04 337B 1F18
More information about the krbdev