API tools faq
paste
Guest User

Untitled

a guest
Oct 22nd, 2017
431
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.73 KB | None | 0 0
raw download clone embed print report
  1. C:Program FilesJavajdk1.8.0_121bin>kinit -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  2. Exception: krb_error 0 no supported default etypes for default_tkt_enctypes No error
  3. KrbException: no supported default etypes for default_tkt_enctypes
  4. at sun.security.krb5.Config.defaultEtype(Config.java:844)
  5. at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:249)
  6. at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:262)
  7. at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
  8. at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
  9. at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
  10. at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
  11. at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
  12.  
  13. C:Program FilesJavajdk1.8.0_121bin>kinit -J-Dsun.security.krb5.debug=true -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomca
  14. t_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  15. >>>KinitOptions cache name is C:Usersdevtcadminkrb5cc_devtcadmin
  16. Principal is HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  17. >>> Kinit using keytab
  18. >>> Kinit keytab file name: C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab
  19. Java config name: null
  20. LSA: Found Ticket
  21. LSA: Made NewWeakGlobalRef
  22. LSA: Found PrincipalName
  23. LSA: Made NewWeakGlobalRef
  24. LSA: Found DerValue
  25. LSA: Made NewWeakGlobalRef
  26. LSA: Found EncryptionKey
  27. LSA: Made NewWeakGlobalRef
  28. LSA: Found TicketFlags
  29. LSA: Made NewWeakGlobalRef
  30. LSA: Found KerberosTime
  31. LSA: Made NewWeakGlobalRef
  32. LSA: Found String
  33. LSA: Made NewWeakGlobalRef
  34. LSA: Found DerValue constructor
  35. LSA: Found Ticket constructor
  36. LSA: Found PrincipalName constructor
  37. LSA: Found EncryptionKey constructor
  38. LSA: Found TicketFlags constructor
  39. LSA: Found KerberosTime constructor
  40. LSA: Finished OnLoad processing
  41. Native config name: C:Windowskrb5.ini
  42. Loaded from native config
  43. >>> Kinit realm name is DEVDEVELOPMENT.COM
  44. >>> Creating KrbAsReq
  45. >>> KrbKdcReq local addresses for dev26 are:
  46.  
  47. dev26/192.168.1.229
  48. IPv4 address
  49.  
  50. dev26/fe80:0:0:0:78ae:388f:4f63:3717%11
  51. IPv6 address
  52. >>> KdcAccessibility: reset
  53. >>> KeyTabInputStream, readName(): DEVDEVELOPMENT.COM
  54. >>> KeyTabInputStream, readName(): HTTP
  55. >>> KeyTabInputStream, readName(): dev26.devdevelopment.com
  56. >>> KeyTab: load() entry length: 99; type: 18
  57. Looking for keys for: HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  58. Added key: 18version: 3
  59. Exception: krb_error 0 no supported default etypes for default_tkt_enctypes No error
  60. KrbException: no supported default etypes for default_tkt_enctypes
  61. at sun.security.krb5.Config.defaultEtype(Config.java:844)
  62. at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:249)
  63. at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:262)
  64. at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
  65. at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
  66. at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
  67. at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
  68. at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
  69.  
  70. C:UsersAdministrator>ktpass /out C:tomcat_ad.keytab /mapuser devtcadmin@DEVDEVELOPMENT.COM /princ HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM /pass ****** /crypto AES256-SHA1 ptype KRB5_NT_PRINCIPAL
  71. Targeting domain controller: dev.devdevelopment.com
  72. Using legacy password setting method
  73. Successfully mapped HTTP/dev26.devdevelopment.com to devtcadmin.
  74. Key created.
  75. Output keytab to C:tomcat_ad.keytab:
  76. Keytab version: 0x502
  77. keysize 99 HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM ptype 1 (KRB5_NT_PRINCIPAL) vno 3 etype 0x12 (AES256-SHA1) keylength 32 (0xf20788d7c6f99c385fc91b53c7d9ef55591d314e5340ca1fb9acac1b178c8861)
  78.  
  79. [libdefaults]
  80. default_realm=DEVDEVELOPMENT.COM
  81. default_keytab_name=“C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab"
  82. default_tkt_enctypes=aes256-cts-hmac-shal-96
  83. default_tgs_enctypes=aes256-cts-hmac-shal-96
  84. permitted_enctypes=aes256-cts-hmac-shal-96
  85. udp_preference_limit=1
  86. forwardable=true
  87.  
  88. [realms]
  89. DEVDEVELOPMENT.COM={
  90. kdc=dev.devdevelopment.com:88
  91. }
  92.  
  93. [domain_realm]
  94. devdevelopment.com=DEVDEVELOPMENT.COM
  95. .devdevelopment.com=DEVDEVELOPMENT.COM
  96.  
  97. C:Program FilesJavajdk1.8.0_121bin>ktab -l -e -t -k "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab"
  98. Keytab name: C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab
  99. KVNO Timestamp Principal
  100. ---- -------------- ---------------------------------------------------------------------------------------
  101. 3 1/1/70 5:30 AM HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM (18:AES256 CTS mode with HMAC SHA1-96)
  102.  
  103. C:Program FilesJavajdk1.8.0_121bin>kinit -k -t tomcat_ad.keytab HTTP/dev26.devdevelopment.com
  104. New ticket is stored in cache file C:Usersdevtcadminkrb5cc_devtcadmin
  105.  
  106. C:Usersdevtcadmin>kinit -k -t "C:Program FilesApache Software FoundationTomcat 8.0conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  107. New ticket is stored in cache file C:Usersdevtcadminkrb5cc_devtcadmin
  108.  
  109. C:Usersdevtcadmin>kinit -J-Dsun.security.krb5.debug=true -k -t "C:Program FilesApache Software FoundationTomcat 8.5conftomcat_ad.keytab" HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  110. >>>KinitOptions cache name is C:Usersdevtcadminkrb5cc_devtcadmin
  111. Principal is HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  112. >>> Kinit using keytab
  113. >>> Kinit keytab file name: C:Program FilesApache Software FoundationTomcat 8.5conftomcat_ad.keytab
  114. Java config name: null
  115. LSA: Found Ticket
  116. LSA: Made NewWeakGlobalRef
  117. LSA: Found PrincipalName
  118. LSA: Made NewWeakGlobalRef
  119. LSA: Found DerValue
  120. LSA: Made NewWeakGlobalRef
  121. LSA: Found EncryptionKey
  122. LSA: Made NewWeakGlobalRef
  123. LSA: Found TicketFlags
  124. LSA: Made NewWeakGlobalRef
  125. LSA: Found KerberosTime
  126. LSA: Made NewWeakGlobalRef
  127. LSA: Found String
  128. LSA: Made NewWeakGlobalRef
  129. LSA: Found DerValue constructor
  130. LSA: Found Ticket constructor
  131. LSA: Found PrincipalName constructor
  132. LSA: Found EncryptionKey constructor
  133. LSA: Found TicketFlags constructor
  134. LSA: Found KerberosTime constructor
  135. LSA: Finished OnLoad processing
  136. Native config name: C:Windowskrb5.ini
  137. Loaded from native config
  138. >>> Kinit realm name is DEVDEVELOPMENT.COM
  139. >>> Creating KrbAsReq
  140. >>> KrbKdcReq local addresses for dev26 are:
  141.  
  142. dev26/192.168.1.229
  143. IPv4 address
  144.  
  145. dev26/fe80:0:0:0:78ae:388f:4f63:3717%11
  146. IPv6 address
  147. >>> KdcAccessibility: reset
  148. Looking for keys for: HTTP/dev26.devdevelopment.com@DEVDEVELOPMENT.COM
  149. Using builtin default etypes for default_tkt_enctypes
  150. default etypes for default_tkt_enctypes: 18 17 16 23.
  151. Exception: krb_error 0 Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type: No error
  152. KrbException: Do not have keys of types listed in default_tkt_enctypes available; only have keys of following type:
  153. at sun.security.krb5.internal.crypto.EType.getDefaults(EType.java:280)
  154. at sun.security.krb5.KrbAsReqBuilder.build(KrbAsReqBuilder.java:261)
  155. at sun.security.krb5.KrbAsReqBuilder.send(KrbAsReqBuilder.java:315)
  156. at sun.security.krb5.KrbAsReqBuilder.action(KrbAsReqBuilder.java:361)
  157. at sun.security.krb5.internal.tools.Kinit.<init>(Kinit.java:219)
  158. at sun.security.krb5.internal.tools.Kinit.main(Kinit.java:113)
  159.  
  160. kinit -k -t tomcat_ad.keytab HTTP/dev26.devdevelopment.com
  161.  
  162. #default_tkt_enctypes=aes256-cts-hmac-shal-96
  163. #default_tgs_enctypes=aes256-cts-hmac-shal-96
  164. #permitted_enctypes=aes256-cts-hmac-shal-96
  165. #udp_preference_limit=1
  166.  
  167. KrbException: no supported default etypes for default_tkt_enctypes
  168.  
  169. [libdefaults]
  170. allow_weak_crypto = true
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!