net samdump keytab / net export keytab
Andrew Bartlett
abartlet at samba.org
Mon Jan 11 16:39:58 MST 2010
On Sat, 2010-01-09 at 14:03 +0300, Matthieu Patou wrote:
> Hello andrew,
>
> I was looking a bit more carefully at net (and doing some docs) when I
> discovered the function net samdump keytab which looks to produce a
> keytab for a domain.
> I am wondering if it would be worth to merge the two command in one and
> make net samdump use the code of net export keytab if the local samba
> server is a DC.
>
> Your point of view ?
Yes, the purpose of 'net export keytab' is very similar to 'net samdump
keytab'. The difference is that the Samba3 command does not need you to
join the domain, and can export out (using the password history) older
keys.
We could write a very similar tool for Samba4 that uses DRS directly
(ie, merge that code from Samba3), or indeed, just make 'net samdump' do
as you suggest.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20100112/018d0b12/attachment.pgp>
More information about the samba-technical
mailing list