Menu

keytab generation using ktpass

Open Discussion
nag1610
2013-08-14
2014-04-24

  • nag1610

    nag1610 - 2013-08-14

    Hello,

    I had been having some issues with keytab file that I created with ktab in JRE. So, as advised in the thread https://sourceforge.net/p/spnego/discussion/1003768/thread/960ba7ad I got a keytab file created by our Windows Active Directory administrators, as per command line syntax provided in the thread, which is

    ktpass /princ HTTP/YOURCOMPUTERNAMEHERE@YOURDOMAINHERE.COM /mapuser YOURUSERHERE /pass YOURPASSWORDHERE /Target YOURDOMAINHERE.COM /out YOURKEYTABFILENAMEHERE.keytab /kvno 0 /crypto RC4-HMAC-NT /ptype KRB5_NT_PRINCIPAL

    When I run the following command the ktab –l –k <keytabfile> it shows HTTP/YOURCOMPUTERNAMEHERE instead of the YOURUSERHERE. What am I doing wrong?

    My primary problem is that I get following error in spnego : “Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - RC4 with HMAC)”

    I read the above thread which looks to be addressing this problem but the keytab file I got does not resolve the issue.

    Please help.

    Regards,

     

Log in to post a comment.