[Samba] Generating keytabs for other hosts
Pat Suwalski
pat at suwalski.net
Tue Jan 21 11:32:49 MST 2014
On 14-01-21 12:58 PM, steve wrote:
> Not sure what you are trying to do but:
>
> samba-tool spn add host/client Administrator
> samba-tool domain exportkeytab your.keytab --principal=host/client
>
> would get the host principal into a keytab.
Right, I knew that. I guess I got lost in the terminology because it's
backward in samba-tool --help:
Usage: samba-tool spn add <name> <user> [options]
Usage: samba-tool spn list <user> [options]
Using your example, "samba-tool spn list Administrator" does not return
anything interesting:
administrator
User CN=Administrator,CN=Users,DC=foobar,DC=ca has no
servicePrincipalName
But, "samba-tool spn list myhost$":
User CN=myhost,CN=Computers,DC=foobar,DC=ca has the following
servicePrincipalName:
HOST/HERACLES
HOST/myhost.foobar.ca
The help message for "spn list" should probably use "<name>" as the
parameter.
--Pat
More information about the samba
mailing list