"Draht, Jeffrey" <[email protected]> writes: > I’d rather communicate this way if possible?
> Does the kadmin binary run on a non-kdc Solaris_10 ldap, kerberos > Client? > The KDC and AD Server are Windows 2008. > I am having difficulty with keytabs. I’d rather have the Unix Team > Administer Rather than have the Intel/MS Team Create them? Unfortunately, each major Kerberos implementation uses a substantially different kadmin protocol (well, Heimdal's kadmind server supports most of the MIT protocol), and Microsoft's AD in particular doesn't use the kadmin protocol at all. You can create something kadmin-like to run on UNIX and create keytabs for AD if you use LDAP to create the object in AD and set its password and then generate a key from the same password. I don't know if anyone has already done that work and provided it in some easy-to-use packaged form, though. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
