none
what is ktpass command, -princ ,mapuser , i can't understand.

    Question

  • AD Server

    hostname ActiveDS

    domain : cometo10.com

    Client (Solaris 10)

    # hostname
    session
    #
    # cat /etc/krb5/krb5.conf
    [libdefaults]
            default_realm = COMETO10.COM
            default_checksum = rsa-md5
    [realms]
            COMETO10.COM = {
            kdc = ActiveDS.cometo10.com
            kpasswd_server = ActiveDS.cometo10.com
            kpasswd_protocol = SET_CHANGE
            admin_server = ActiveDS.cometo10.com
            }
    [domain_realm]
            .cometo10.com = COMETO10.COM
            cometo10.com = COMETO10.COM
    [logging]
            default = FILE:/var/krb5/kdc.log
            kdc = FILE:/var/krb5/kdc.log

    1)

    C:\>ktpass -princ HOST\session.ActiveDS.cometo10.com@COMETO10.COM -mapuser ActiveDS\session -pass * -out c:\session.keytab
    DsCrackNames returned 0x2 in the name entry for ActiveDS\session.
    ktpass:failed getting target domain for specified user.

    2)

    C:\>ktpass -princ host\session.cometo10.com@COMETO10.COM -mapuser COMETO10\session -pass * -out c:\session.keytab
    Targeting domain controller: ActiveDS.cometo10.com
    Using legacy password setting method
    Failed to set property 'servicePrincipalName' to 'host\session.cometo10.com' on Dn 'CN=LIM JONG,OU=기술지원팀,DC=cometo10,DC=com': 0x13.
    WARNING: Unable to set SPN mapping data.
    If session already has an SPN mapping installed for host\session.cometo10.com, this is no cause for concern.
    Type the password for host\session.cometo10.com: ^C
    C:\>

    3)

    Question)

    1)what is '-princ' option ? 

    2) Correct is -princ host\session.ActiveDS.cometo10.com\COMETO10.COM ?

    3)what is mapuser optioin ?

    4)is solaris 10 user(session) is mapuser ?

    5)i see documents.but i don't understand option.

    6)what is define to solaris10 user session(ad Client) ?

    help me please!!!!!!!!!

     

    Saturday, September 14, 2013 4:55 PM

Answers

All replies