{"id":9701,"date":"2014-03-04T16:01:30","date_gmt":"2014-03-04T21:01:30","guid":{"rendered":"http:\/\/jianmingli.com\/wp\/?p=9701"},"modified":"2014-03-14T12:51:53","modified_gmt":"2014-03-14T17:51:53","slug":"generate-windows-keytab-files","status":"publish","type":"post","link":"https:\/\/jianmingli.com\/wp\/?p=9701","title":{"rendered":"Generate Windows Keytab Files"},"content":{"rendered":"
\n

Contents<\/h2>\n
    \n\t
  1. \n\t\tSteps<\/a>\n\t<\/li>\n\t
  2. \n\t\tReferences<\/a>\n\t<\/li>\n<\/ol>\n<\/ol>\n<\/div>\n
     <\/div>\n

    Steps<\/h2><\/span>\n

    * Login domain controller as Administrator
    \n* Create a service account in AD, e.g. svc.l7.gateway<\/strong>:<\/p>\n

    \"layer7_policy_authoring_create_svc.l7.gateway_user_1\"<\/a><\/h6><\/span>\n
    \"layer7_policy_authoring_create_svc.l7.gateway_user_2\"<\/a><\/h6><\/span>\n

    * Issue ktpass<\/strong> command:<\/p>\n

    \r\nktpass -princ HTTP\/layer7.mytest.local@MYTEST.LOCAL -mapuser svc.l7.gateway -pass Welcome1 -out c:\\layer7.keytab\r\n<\/pre>\n
    * Output:<\/p>\n
    \r\nC:\\Documents and Settings\\Administrator>ktpass -princ HTTP\/layer7.mytest.local@M\r\nYTEST.LOCAL -mapuser svc.l7.gateway -pass Welcome1 -out c:\\layer7.keytab\r\nTargeting domain controller: DC01.MYTEST.local\r\nSuccessfully mapped HTTP\/layer7.mytest.local to svc.l7.gateway.\r\nWARNING: pType and account type do not match. This might cause  problems.\r\nKey created.\r\nOutput keytab to c:\\layer7.keytab:\r\nKeytab version: 0x502\r\nkeysize 72 HTTP\/layer7.mytest.local@MYTEST.LOCAL ptype 0 (KRB5_NT_UNKNOWN) vno 2\r\n etype 0x17 (RC4-HMAC) keylength 16 (0xcf3a5525ee9414229e66279623ed5c58)\r\n<\/pre>\n
    References<\/h2><\/span>\n
    * Generating the Keytab File and Mapping the Service Principal Nam<\/a>e
    \n*     Ktpass<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
    Steps * Login domain controller as Administrator * Create a service account in AD, e.g. svc.l7.gateway: * Issue ktpass command: ktpass -princ HTTP\/layer7.mytest.local@MYTEST.LOCAL -mapuser svc.l7.gateway -pass Welcome1 -out c:\\layer7.keytab * Output: C:\\Documents and Settings\\Administrator>ktpass -princ HTTP\/layer7.mytest.local@M YTEST.LOCAL -mapuser svc.l7.gateway -pass … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[472,287],"tags":[275,628,440],"class_list":["post-9701","post","type-post","status-publish","format-standard","hentry","category-ad-security","category-kerberos","tag-ad","tag-kerberos","tag-keytab"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p8cRUO-2wt","_links":{"self":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/9701","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=9701"}],"version-history":[{"count":6,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/9701\/revisions"}],"predecessor-version":[{"id":9703,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=\/wp\/v2\/posts\/9701\/revisions\/9703"}],"wp:attachment":[{"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=9701"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=9701"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jianmingli.com\/wp\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=9701"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}