Applies To: Windows Server (Semi-Annual Channel), Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
-->
Oct 26, 2015 First see whether you have codeshasum/code or codesha1sum/code installed? If you don't have either you can use codeopenssl dgst/code, which is what I will use in the my example (despite having a more complex command line syntax). Optionally create a SHA-1 checksum of your files. For further security of the encryption process you can define a HMAC key. Sha1 converter. Upload and generate a SHA1 checksum of a file: SHA-1 converter. Or enter the text you want to convert to a SHA-1 hash.
Configures the server principal name for the host or service in active directory Domain Services (AD DS) and generates a .keytab file that contains the shared secret key of the service. The .keytab file is based on the Massachusetts Institute of Technology (MIT) implementation of the Kerberos authentication protocol. The ktpass command-line tool allows non-Windows services that support Kerberos authentication to use the interoperability features provided by the Kerberos Key Distribution Center (KDC) service. This topic applies to the operating system versions designated in the Applies To list at the beginning of the topic.
SyntaxParameters
remarks
Services running on systems that are not running the Windows operating system can be configured with service instance accounts in active directory Domain Services. This allows any Kerberos client to authenticate to services that are not running the Windows operating system by using Windows KDCs.
The /princ parameter is not evaluated by ktpass and is used as provided. There is no check to see if the parameter matches the exact case of the userPrincipalName attribute value when generating the Keytab file. Case sensitive Kerberos distributions using this Keytab file might have problems when there is no exact case match and could fail during pre-authentication. Check and retrieve the correct userPrincipalName attribute value from a LDifDE export file. For example: ExamplesGenerate Sha1 Key For Group Of Files In Windows Explorer
The following example illustrates how to create a Kerberos .keytab file, machine.keytab, in the current directory for the user Sample1. (You will merge this file with the Krb5.keytab file on a host computer that is not running the Windows operating system.) The Kerberos .keytab file will be created for all supported encryption types for the general principal type.
To generate a .keytab file for a host computer that is not running the Windows operating system, use the following steps to map the principal to the account and set the host principal password:
Generate Sha1 Key For Group Of Files In Windows 7Additional ReferencesComments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |