kinit
An administrator can obtain an initial Kerberos ticket for a specified principal using the kinit command, and then cache the initial ticket into the ticket cache. Once kinit is executed successfully, any existing tickets for the principal are overwritten. You can use the kinit command to verify that a generated keytab file is working with the Kerberos and Active Directory Domain Controllers. Usage:
kinit [-5] [-4] [-V] [-l lifetime] [-s start_time] [-r renewable_life][-f | -F] [-p | -P] [-A] [-v] [-R] [-k [-t keytab_file]] [-c cachename] [-S service_name] [principal] |
|
Option |
Description |
Kerberos Version |
|---|---|---|
|
-5 |
Use Kerberos 5 |
By default, Kerberos version 5 is used. |
|
-4 |
Use Kerberos 4 |
4, if available |
|
-V |
Verbose |
4, 5 |
|
-l |
Lifetime |
4, 5 |
|
-s |
Start time |
5 |
|
-r |
Renewable lifetime |
5 |
|
-f |
Forwardable |
5 |
|
-F |
Not forwardable |
5 |
|
-p |
Can be proxied |
5 |
|
-P |
Cannot be proxied |
5 |
|
-A |
Do not include addresses |
5 |
|
-v |
Validate |
5 |
|
-R |
Renew |
5, or both 5 and 4 |
|
-k |
Use keytab |
5, or both 5 and 4 |
|
-t |
Filename of keytab to use |
5, or both 5 and 4 |
|
-c |
Kerberos 5 cache name |
5 |
|
-S |
Service |
5, or both 5 and 4 5.3 |
- © 2010, Oracle Corporation and/or its affiliates