windows kerberos dump
Andrew Bartlett
abartlet at samba.org
Mon Aug 20 06:18:53 MDT 2012
On Mon, 2012-08-20 at 14:46 +0300, Amit Portnoy wrote:
> Hi,
>
> I found some old messages stating that samba can export principles data
> from windows active directory.
>
> I'm trying to figure out where is the code that does that?
>
> I need to get the AES keys used by the active directory's KDC (kerberos)
> when signing server tickets (documentation state that it is part of the
> supplementalCredentials structure.. but nothing on the structure internals
> or how to get it).
>
> (I'm not hacking, I have full privilege in the active directory server (and
> able to run as lsass.exe service))
Join the domain with Samba4, then run 'samba-tool domain exportkeytab'.
(I figure keytab format is probably the easiest for you to apply to
whatever your task is).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical
mailing list