Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- C:Program FilesJavajdk1.8.0_121bin>kinit -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- Exception: krb_error 0 no supported default etypes for default_tkt_enctypes No error
- KrbException: no supported default etypes for default_tkt_enctypes
- at sun.security.krb5.Config.defaultEtype(Config.java:844)
- at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:249)
- at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:262)
- at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
- at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
- at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
- at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
- at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
- C:Program FilesJavajdk1.8.0_121bin>kinit -J-Dsun.security.krb5.debug=true -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomca
- t_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- >>>KinitOptions cache name is C:Usersdevtcadminkrb5cc_devtcadmin
- Principal is HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- >>> Kinit using keytab
- >>> Kinit keytab file name: C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab
- Java config name: null
- LSA: Found Ticket
- LSA: Made NewWeakGlobalRef
- LSA: Found PrincipalName
- LSA: Made NewWeakGlobalRef
- LSA: Found DerValue
- LSA: Made NewWeakGlobalRef
- LSA: Found EncryptionKey
- LSA: Made NewWeakGlobalRef
- LSA: Found TicketFlags
- LSA: Made NewWeakGlobalRef
- LSA: Found KerberosTime
- LSA: Made NewWeakGlobalRef
- LSA: Found String
- LSA: Made NewWeakGlobalRef
- LSA: Found DerValue constructor
- LSA: Found Ticket constructor
- LSA: Found PrincipalName constructor
- LSA: Found EncryptionKey constructor
- LSA: Found TicketFlags constructor
- LSA: Found KerberosTime constructor
- LSA: Finished OnLoad processing
- Native config name: C:Windowskrb5.ini
- Loaded from native config
- >>> Kinit realm name is DEVDEVELOPMENT.COM
- >>> Creating KrbAsReq
- >>> KrbKdcReq local addresses for dev26 are:
- dev26/192.168.1.229
- IPv4 address
- dev26/fe80:0:0:0:78ae:388f:4f63:3717%11
- IPv6 address
- >>> KdcAccessibility: reset
- >>> KeyTabInputStream, readName(): DEVDEVELOPMENT.COM
- >>> KeyTabInputStream, readName(): HTTP
- >>> KeyTabInputStream, readName(): dev26.devdevelopment.com
- >>> KeyTab: load() entry length: 99; type: 18
- Looking for keys for: HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- Added key: 18version: 3
- Exception: krb_error 0 no supported default etypes for default_tkt_enctypes No error
- KrbException: no supported default etypes for default_tkt_enctypes
- at sun.security.krb5.Config.defaultEtype(Config.java:844)
- at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:249)
- at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:262)
- at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
- at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
- at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
- at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
- at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
- C:UsersAdministrator>ktpass /out C:tomcat_ad.keytab /mapuser devtcadmin@DEVDEVELOPMENT.COM /princ HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM /pass ****** /crypto AES256-SHA1 ptype KRB5_NT_PRINCIPAL
- Targeting domain controller: dev.devdevelopment.com
- Using legacy password setting method
- Successfully mapped HTTP/dev26.devdevelopment.com to devtcadmin.
- Key created.
- Output keytab to C:tomcat_ad.keytab:
- Keytab version: 0x502
- keysize 99 HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM ptype 1 (KRB5_NT_PRINCIPAL) vno 3 etype 0x12 (AES256-SHA1) keylength 32 (0xf20788d7c6f99c385fc91b53c7d9ef55591d314e5340ca1fb9acac1b178c8861)
- [libdefaults]
- default_realm=DEVDEVELOPMENT.COM
- default_keytab_name=“C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab"
- default_tkt_enctypes=aes256-cts-hmac-shal-96
- default_tgs_enctypes=aes256-cts-hmac-shal-96
- permitted_enctypes=aes256-cts-hmac-shal-96
- udp_preference_limit=1
- forwardable=true
- [realms]
- DEVDEVELOPMENT.COM={
- kdc=dev.devdevelopment.com:88
- }
- [domain_realm]
- devdevelopment.com=DEVDEVELOPMENT.COM
- .devdevelopment.com=DEVDEVELOPMENT.COM
- C:Program FilesJavajdk1.8.0_121bin>ktab -l -e -t -k "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab"
- Keytab name: C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab
- KVNO Timestamp Principal
- ---- -------------- ---------------------------------------------------------------------------------------
- 3 1/1/70 5:30 AM HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM (18:AES256 CTS mode with HMAC SHA1-96)
- C:Program FilesJavajdk1.8.0_121bin>kinit -k -t tomcat_ad.keytab HTTP/dev26.devdevelopment.com
- New ticket is stored in cache file C:Usersdevtcadminkrb5cc_devtcadmin
- C:Usersdevtcadmin>kinit -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- New ticket is stored in cache file C:Usersdevtcadminkrb5cc_devtcadmin
- C:Usersdevtcadmin>kinit -J-Dsun.security.krb5.debug=true -k -t "C:Program FilesApache Software FoundationTomcat 8.5conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- >>>KinitOptions cache name is C:Usersdevtcadminkrb5cc_devtcadmin
- Principal is HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- >>> Kinit using keytab
- >>> Kinit keytab file name: C:Program FilesApache Software FoundationTomcat 8.5conftomcat_ad.keytab
- Java config name: null
- LSA: Found Ticket
- LSA: Made NewWeakGlobalRef
- LSA: Found PrincipalName
- LSA: Made NewWeakGlobalRef
- LSA: Found DerValue
- LSA: Made NewWeakGlobalRef
- LSA: Found EncryptionKey
- LSA: Made NewWeakGlobalRef
- LSA: Found TicketFlags
- LSA: Made NewWeakGlobalRef
- LSA: Found KerberosTime
- LSA: Made NewWeakGlobalRef
- LSA: Found String
- LSA: Made NewWeakGlobalRef
- LSA: Found DerValue constructor
- LSA: Found Ticket constructor
- LSA: Found PrincipalName constructor
- LSA: Found EncryptionKey constructor
- LSA: Found TicketFlags constructor
- LSA: Found KerberosTime constructor
- LSA: Finished OnLoad processing
- Native config name: C:Windowskrb5.ini
- Loaded from native config
- >>> Kinit realm name is DEVDEVELOPMENT.COM
- >>> Creating KrbAsReq
- >>> KrbKdcReq local addresses for dev26 are:
- dev26/192.168.1.229
- IPv4 address
- dev26/fe80:0:0:0:78ae:388f:4f63:3717%11
- IPv6 address
- >>> KdcAccessibility: reset
- Looking for keys for: HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
- Using builtin default etypes for default_tkt_enctypes
- default etypes for default_tkt_enctypes: 18 17 16 23.
- Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type: No error
- KrbException: Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type:
- at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:280)
- at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
- at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
- at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
- at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
- at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
- kinit -k -t tomcat_ad.keytab HTTP/dev26.devdevelopment.com
- #default_tkt_enctypes=aes256-cts-hmac-shal-96
- #default_tgs_enctypes=aes256-cts-hmac-shal-96
- #permitted_enctypes=aes256-cts-hmac-shal-96
- #udp_preference_limit=1
- KrbException: no supported default etypes for default_tkt_enctypes
- [libdefaults]
- allow_weak_crypto = true
Add Comment
Please, Sign In to add comment