>>>>> "Colin" == Colin Caughie <[EMAIL PROTECTED]> writes:
>> "kadmin" is a KDC administration tool. KfW does not include
>> "kadmin" because KfW does not support the hosting of a KDC on
Colin> Windows. Especially given that (unless I'm mistaken) kadmin
Colin> is the recommended way of securely getting a keytab onto an
Colin> application server machine.
That depends on how secure the remote application server machine is.
I'm unwilling to type my admin password into most application server
machines.
I'd probably use kadmin to get a key on my Kerberos server, Kerberos
slaves, or LDAP servers. I'd tend to use kadmin on a secure
workstation and scp (making sure not to forward credentials) to get
keytabs to most other machines.
--Sam
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
