windows kerberos dump
Stefan (metze) Metzmacher
metze at samba.org
Mon Aug 20 09:55:47 MDT 2012
Am 20.08.2012 14:18, schrieb Andrew Bartlett:
> On Mon, 2012-08-20 at 14:46 +0300, Amit Portnoy wrote:
>> Hi,
>>
>> I found some old messages stating that samba can export principles data
>> from windows active directory.
>>
>> I'm trying to figure out where is the code that does that?
>>
>> I need to get the AES keys used by the active directory's KDC (kerberos)
>> when signing server tickets (documentation state that it is part of the
>> supplementalCredentials structure.. but nothing on the structure internals
>> or how to get it).
>>
>> (I'm not hacking, I have full privilege in the active directory server (and
>> able to run as lsass.exe service))
>
> Join the domain with Samba4, then run 'samba-tool domain exportkeytab'.
> (I figure keytab format is probably the easiest for you to apply to
> whatever your task is).
>
net rpc vampire keytab -I <ip> -U<admin-account> /absolute/path/to/keytab
of 3.6 oder higher would also eyport all keys. (you can also run this
multiple times to just update the keytab.
With this command there won't be a new DC object in the AD domain
as it just runs as administrator.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120820/fee46dd6/attachment.pgp>
More information about the samba-technical
mailing list