Example--Adding a Service Principal to a Keytab
The following example adds the kadmin/admin and kadmin/changepw principals to a master KDC's keytab. For this example, the keytab file must be the one specified in the kdc.conf file.
kdc1 # /usr/krb5/bin/kadmin.local kadmin.local: ktadd -k /etc/krb5/kadm5.keytab kadmin/admin kadmin/changepw Entry for principal kadmin/admin@ACME.COM with kvno 3, encryption type DES-CBC-CRC added to keytab WRFILE:/etc/krb5/kadm5.keytab. Entry for principal kadmin/changepw@ACME.COM with kvno 3, encryption type DES-CBC-CRC added to keytab WRFILE:/etc/krb5/kadm5.keytab. kadmin.local: quit |
The following example adds denver's host principal to denver's keytab file, so denver's network services can be authenticated by the KDC.
denver # /usr/krb5/bin/kadmin kadmin: ktadd host/denver@acme.com@ACME.COM kadmin: Entry for principal host/denver@acme.com@ACME.COM with kvno 2, encryption type DES-CBC-CRC added to keytab WRFILE:/etc/krb5/krb5.keytab. kadmin: quit |
- © 2010, Oracle Corporation and/or its affiliates