[Samba] ktpass.sh error / How to generate a keytab for a new service (apache) with SAMBA4?
Matthieu Patou
mat at samba.org
Mon Apr 29 22:31:38 MDT 2013
On 04/29/2013 09:52 AM, Tim Vangehugten wrote:
> Hi,
>
> I was trying to get a new keytab in samba4 for my apache service. So I
> tried the following command:
>
> sh ktpass.sh --out /etc/apache.keytab --princ
> HTTP/myhost.samba.my.domain at SAMBA.MY.DOMAIN --pass VerySecure123 --enc
> des-cbc-md5
>
> I get the following error: Unable to find kvno for principal
> HTTP/myhost.samba.my.domain at SAMBA.MY.DOMAIN
Can you do a search like this:
ldbsearch -H ldap://<ip_of_you_dc>
'(serviceprincipalname=HTTP/myhost.samba.my.domain)'
servicePrincipalName -U <user>
I'm suspecting that the SPN is not existing yet.
Matthieu.
--
Matthieu Patou
Samba Team
http://samba.org
More information about the samba
mailing list