Web lists-archives.com

[Samba] Export keytab for SPN




Hello,

I am trying to export keytab by following this guide:

https://wiki.samba.org/index.php/Generating_Keytabs

OS: CentOS 7.5
Samba: samba-dc-4.7.6-0.el7.centos.x86_64 (from Tranquil repo)

Everything seems to work, but keytab is not exported (keytab file is not
created).

[root@ads1 /]# net ads enctypes list svc_confluence_sso
'svc_confluence_sso' uses "msDS-SupportedEncryptionTypes": 31 (0x0000001f)
[X] 0x00000001 DES-CBC-CRC
[X] 0x00000002 DES-CBC-MD5
[X] 0x00000004 RC4-HMAC
[X] 0x00000008 AES128-CTS-HMAC-SHA1-96
[X] 0x00000010 AES256-CTS-HMAC-SHA1-96

[root@ads1 /]# samba-tool spn list svc_confluence_sso
svc_confluence_sso
User CN=SSO Confluence,CN=Users,DC=ad,DC=brotel,DC=cz has the following
servicePrincipalName:
         HTTP/srv1.ad.brotel.cz@xxxxxxxxxxxx

[root@ads1 /]# samba-tool domain exportkeytab test.keytab --principal=HTTP/
srv1.ad.brotel.cz@xxxxxxxxxxxx
Export one principal to test.keytab

[root@ads1 /]# ls *.keytab
ls: cannot access *.keytab: No such file or directory

Exporting keytab for user svc_confluence_sso works.

Do you have any suggestions?

Best regards

Michal
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba