can you show how to generate the keytab file?
and you also can use ktutil to list the entry. check if the algothrim is matched, and better to use zero(0) as value for KVNO. It seems like Sun JDK has some problem with KVNO.
Junior Member
can you show how to generate the keytab file?
and you also can use ktutil to list the entry. check if the algothrim is matched, and better to use zero(0) as value for KVNO. It seems like Sun JDK has some problem with KVNO.
Junior Member
How the keytab file is generated
Spoke with our admin guys and they said exactly as per http://blog.springsource.com/2009/09...rity-kerberos/, so that should be (on Microsoft)Originally Posted by lipman
ktpass /out http-web.keytab /mapuser http-web.springsource.com@SPRINGSOURCE.COM /princ HTTP/web.springsource.com@SPRINGSOURCE.COM /pass *
EXCEPT the user was HTTP-IFDS11812
PART 2 (about the keytab file)
Usage: klist [[-c] [-f] [-e]] [-k [-t] [-K]] [name]
name name of credentials cache or keytab with the prefix. File-based cache or ke
-c specifes that credential cache is to be listed
-k specifies that key tab is to be listed
options for credentials caches:
-f shows credentials flags
-e shows the encryption type
options for keytabs:
-t shows keytab entry timestamps
-K shows keytab entry key value
-e shows keytab entry key type
Usage: java sun.security.krb5.tools.Klist -help for help.
C:\WINDOWS>klist -e -t -k http-IFDS11812.keytab
Key tab: http-IFDS11812.keytab, 1 entry found.
[1] Service principal: HTTP/IFDS11812@IFDSGROUP.CO.UK
KVNO: 3
Key type: 3
Time stamp: Jan 01, 1970 01:00
C:\WINDOWS>
Reply With Quote
