The MIT ktutil has an addent subcommand added in 1999-08-06 sometime
prior to version 1.2.2. Heimdal implemented the add subcommand in
March of 1998.
As you point out the Solaris 9 verison of ktutil does not have this.
I don't think it has arcfour support in the libs either. We use MIT
Kerberos on Solaris which does introperate will with Windows AD.
Jacques Lebastard wrote:
Douglas E. Engert wrote:
If your service is running on Unix, then you must make sure that
you create a keytab containing entries for each of the keys that
Windows can produce for the SPN. (RC4-HMAC, DES-CBC-MD5, DES-CBC-CRC).
The DES enctypes will only be used if the account associated with
the SPN is marked DES only.
How can I check this and, second question, how can I generate a
keytab with RC4-HMAC encryption ? The ktpass tool does not accept the
RC4-HMAC crypto type:
If you knew the password (or key) added to AD, you could try using
ktutil,
instead of ktpass.
Use addent ... -e arcfour-hmac-md5
Ktutil let me create a keytab, I don't know if is correct.
No such 'addent' command for ktutil running on Solaris 9 :-( :
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos