Normally the ktpass is only used for service accounts like for a host, -princ host/[EMAIL PROTECTED] not for a user, as this would reset the user password.
Florian Preuß wrote:
Hi,
I have a problem generating a keytab file using ktpass.
The command I use: ktpass -princ [EMAIL PROTECTED] -mapuser replic -pass password -out krb5.keytab
The error message: Targeting domain controller: domainc.test.net Failed to set property "servicePrincipalName" to "TEST" on Dn "CN=test,OU=Servic es,OU=Test,DC=test,DC=net": 0x13. WARNING: Unable to set SPN mapping data. If test already has an SPN mapping installed for TEST, this is no cause for concern. Key created. Output keytab to krb5.keytab: Keytab version: 0x502 keysize 44 [EMAIL PROTECTED] ptype 1 (KRB5_NT_PRINCIPAL) vno 4 etype 0x3 (DES-C
You must have run this before, as it is upto kvno 4, and it may have set the SPN from some previous attempt. Did you use the user TEST the first time you run this?
BC-MD5) keylength 8 (0xda686262b5cb760b) Account test has been set for DES-only encryption.
--
Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
