Hi,

I would like to use Microsoft Kerberos tickets on CentOS 5 for authentication for some applications, LDAP FDS for example.

For that I have to add some SPNs to Active Directory and afterwards export them to a local keytab.

---------

kadmin -q "add_principal -randkey  ldap/${INSTANCE}.${fully-qualified-domain}"

Then, export that key to a keytab file. If you've deployed other services which also authenticate users using Kerberos on the same system, it's recommended that you give each one its own keytab file.

kadmin -q "ktadd -k /etc/dirsrv/slapd-${INSTANCE}/${INSTANCE}.keytab ldap/${INSTANCE}.${fully-qualified-domain}"

------------


My Kerberos integration has been done. net join, net testjoin and kinit all work.

My problem at the moment is the kadmin command to add and export the UPN. I always get the following errors.


----
kadmin -k
Authenticating as principal host/[email protected] with default keytab.
kadmin: Database error! Required KADM5 principal missing while initializing kadmin interface
----

My main question: is it possible to use kadmin to add/modify/export UPNs/SPNs in an Active Directory?

Are there other Linux tools to do that?

Thanks for any help.
Best regards,

seppel