Samba as a frontend to AFS

Luke Howard lukeh at PADL.COM
Fri Aug 29 02:04:19 GMT 2003

>The "net keytab" is a command that there has been an internal
>request at HP for - thanks ! The ability to generate a "normal"
>krb5 keytab from our secrets database is definately needed.
>One thing I was told is that at least with W2K3 they key version
>number is incremented by one on each machine password change,
>I don't think we currently do this.

The current KVNO can be read from the msDS-KeyVersionNumber 
attribute in AD. This should be the same as the KVNO in the

-- Luke

More information about the samba-technical mailing list