[Samba] Export keytab for SPN
Michal Sládek
michal at sladkovi.eu
Wed Aug 8 06:40:02 UTC 2018
Hello,
I am trying to export keytab by following this guide:
https://wiki.samba.org/index.php/Generating_Keytabs
OS: CentOS 7.5
Samba: samba-dc-4.7.6-0.el7.centos.x86_64 (from Tranquil repo)
Everything seems to work, but keytab is not exported (keytab file is not
created).
[root at ads1 /]# net ads enctypes list svc_confluence_sso
'svc_confluence_sso' uses "msDS-SupportedEncryptionTypes": 31 (0x0000001f)
[X] 0x00000001 DES-CBC-CRC
[X] 0x00000002 DES-CBC-MD5
[X] 0x00000004 RC4-HMAC
[X] 0x00000008 AES128-CTS-HMAC-SHA1-96
[X] 0x00000010 AES256-CTS-HMAC-SHA1-96
[root at ads1 /]# samba-tool spn list svc_confluence_sso
svc_confluence_sso
User CN=SSO Confluence,CN=Users,DC=ad,DC=brotel,DC=cz has the following
servicePrincipalName:
HTTP/srv1.ad.brotel.cz at AD.BROTEL.CZ
[root at ads1 /]# samba-tool domain exportkeytab test.keytab --principal=HTTP/
srv1.ad.brotel.cz at AD.BROTEL.CZ
Export one principal to test.keytab
[root at ads1 /]# ls *.keytab
ls: cannot access *.keytab: No such file or directory
Exporting keytab for user svc_confluence_sso works.
Do you have any suggestions?
Best regards
Michal
More information about the samba
mailing list