[Samba] net ads commands and princs in krb5.keytab
Rick Brown
Rick.Brown at oit.gatech.edu
Thu Dec 2 16:33:04 GMT 2004
I don't think this is possible, but it should be!
I want to use net ads commands for administrators on the command line
without including the domain admin accounts password.
Currently, I'm doing so via command lines such as:
net ads password username at .AD.DOMAIN.EDU \
-U admin_user at AD.DOMAIN.EDU%admin_password users_new_password
/net ads search sAMAccountName=username \
-U admin_user at AD.DOMAIN.EDU%admin_password
I can't stand having to include admin passwords on the command line,
and worse yet in the php scripts that call 'em.
What I'd prefer is to be able to use a krb5 princ in
/etc/krb5.keytab such as one would with kinit or kadmin with -p
and -k arguments. Is this currently possible (but undocumented),
or planned for future development?
[ Rick Brown ][ (404) 894-6175 ]
[ Office of Information Technology ][ rick at oit.gatech.edu ]
[ Georgia Institute of Technology ][ 258 4th street. Atlanta, GA ]
More information about the samba
mailing list