Hi, Looking dns.key he has more encryption options:
$ klist -ke dns.keytab Keytab name: WRFILE:dns.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 DNS/smb4.nisled....@nisled.org (des-cbc-crc) 1 dns-s...@nisled.org (des-cbc-crc) 1 DNS/smb4.nisled....@nisled.org (des-cbc-md5) 1 dns-s...@nisled.org (des-cbc-md5) 1 DNS/smb4.nisled....@nisled.org (arcfour-hmac) 1 dns-s...@nisled.org (arcfour-hmac) 1 DNS/smb4.nisled....@nisled.org (aes128-cts-hmac-sha1-96) 1 dns-s...@nisled.org (aes128-cts-hmac-sha1-96) 1 DNS/smb4.nisled....@nisled.org (aes256-cts-hmac-sha1-96) 1 dns-s...@nisled.org (aes256-cts-hmac-sha1-96) $ klist -ke http.keytab Keytab name: WRFILE:http.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 HTTP/ejbca.nisled....@nisled.org (des-cbc-crc) 1 HTTP/ejbca.nisled....@nisled.org (des-cbc-md5) 1 HTTP/ejbca.nisled....@nisled.org (arcfour-hmac) How to enable these encryptions in my http.keytab? Clodonil 2013/1/24 Hleb Valoshka <375...@gmail.com> > Please! Don't write into private mail. Thanks. > > > $ Samba-tool user create http-user --random-password > > $ Samba-tool spn add HTTP/www.nisled.org http-user > > Okay, you've got user http-user with principals http-u...@nisled.org > and HTTP/www.nisled....@nisled.org. > > > $ Samba-tool domain exportkeytab --principal=HTTP/www.nisled.org > > http.keytab > > Here you export _only_ HTTP/www.nisled....@nisled.org. > > > $ kinit -k -t http.keytab http-user > > kinit: Key table entry not found while getting initial credentials > > Of cause, because you didn't export it. > > > Can anyone help me? > > Export http-u...@nisled.org too. > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
