On 3/14/2011 10:12 AM, Murray Trainer wrote:
> Hi,
>
> I am using the latest Kerberos for Windows from Secure Endpoints. I created
> the Windows DOS batch file below that obtains my kerberos 5 tickets using a
> keytab file.
>
> set krb_user=murray
> set KRB5CCNAME=FILE:c:\krb5cc_%krb_user%
> set KRB5_KTNAME=\%krb_user%.keytab
> kinit -5 -r 7d -k -t C:\%krb_user%.keytab %krb_us...@mydomain.net
> start /min C:\"Program Files"\MIT\Kerberos\bin\netidmgr.exe
>
> The kinit line works and if I do a klist I have kerberos 5 tickets. The last
> line in the script is intended to start Windows Netidmgr so it automatically
> renews these tickets using the keytab file. Netidmgr starts and if I
> maximise it my identity is greyed out and my tickets don't get renewed unless
> I manually renew them by entering my password. After that my tickets are
> renewed automatically. Is there any way of making Netidmgr use the Keytab
> file instead of requiring passwords be entered?
>
> Any assistance is appreciated
>
> Thanks
>
> Murray
NetIdMgr doesn't know to look for your FILE: cache since it has no
method of enumerating FILE caches. You need to manually add your FILE
cache to the search list on the Options->Kerberos v5->Credential Caches
page. Once that is done NetIdMgr will be able to recognize and renew
the credentials.
Built-in support for keytab based identities is on the list of items we
wish to add but I'm not sure when it will be done.
Jeffrey Altman
signature.asc
Description: OpenPGP digital signature
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
