Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # kinit adtest@AD.EXAMPLE.COM
- Password for adtest@AD.EXAMPLE.COM:
- root@clienttest2:~# kvno ltest@EXAMPLE.COM
- ltest@EXAMPLE.COM: kvno = 1
- # kinit ltest@EXAMPLE.COM
- Password for ltest@EXAMPLE.COM:
- root@clienttest2:~# kvno adtest@AD.EXAMPLE.COM
- kvno: KDC has no support for encryption type while getting credentials for adtest@AD.EXAMPLE.COM
- [libdefaults]
- default_realm = EXAMPLE.COM
- allow_weak_crypto = true
- verify_ap_req_nofail = false
- default_tkt_enctypes = rc4-hmac
- default_tgs_enctypes = rc4-hmac
- [realms]
- EXAMPLE.COM = {
- kdc = unix-server.example.com
- admin_server = unix-server.example.com
- }
- AD.EXAMPLE.COM = {
- kdc = ad-server.ad.example.com
- admin_server = ad-server.ad.example.com
- }
- [domain_realm]
- .example.com = EXAMPLE.COM
- .ad.example.com = AD.EXAMPLE.COM
- [capaths]
- EXAMPLE.COM = {
- AD.EXAMPLE.COM = .
- }
- AD.EXAMPLE.COM = {
- EXAMPLE.COM = .
- }
- [logging]
- default = FILE:/var/krb5/kdc.log
- kdc = FILE:/var/krb5/kdc.log
- kdc_rotate = {
- period = 1d
- versions = 10
- }
- [appdefaults]
- kinit = {
- renewable = true
- forwardable = true
- }
- addprinc -e rc4-hmac krbtgt/AD.EXAMPLE.COM@EXAMPLE.COM
- addprinc -e rc4-hmac krbtgt/EXAMPLE.COM@AD.EXAMPLE.COM
Add Comment
Please, Sign In to add comment
