diff options
authorChetan Risbud <>2013-11-27 17:14:35 +0530
committerLuis Pabon <>2013-12-04 13:09:44 -0800
commit2f9e3120bbd7ef6b7459fccb5b740b6542b13c57 (patch)
parent5405fd7927ef68015c25632951a94bcddb60c33d (diff)
Additional Parameters to create keytab file
Minor changes to explicitly set keyversion number as 0 and encryption method while creating keytab file on Windows AD server. This has been noticed on different windows 2008 server that they set different kvno by default. So just making sure it to be 0 as expected by mod_auth_kerb. Bug: N/A Change-Id: Ic114e4964745abfe97fbfcd575b5205bd6aaf171 Signed-off-by: Chetan Risbud <> Reviewed-on: Reviewed-by: Prashanth Pai <> Tested-by: Prashanth Pai <> Reviewed-by: Luis Pabon <>
1 files changed, 2 insertions, 1 deletions
diff --git a/doc/ b/doc/
index 144bf59..e18c7ef 100644
--- a/doc/
+++ b/doc/
@@ -48,7 +48,8 @@ Copy keytab file to client:
Add a HTTP Kerberos service principal:
> c:\>ktpass.exe -princ HTTP/ -mapuser
-> auth_admin@WINAD.COM -pass Redhat*123 -out c:\HTTP.keytab
+> auth_admin@WINAD.COM -pass Redhat*123 -out c:\HTTP.keytab -crypto DES-CBC-CRC
+> -kvno 0
Use winscp to copy HTTP.ketab file to /etc/httpd/conf/http.keytab