[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: using active directory keys
>Does anyone know if there's any possibility of extracting keys from an
>active directory and loading them into a Heimdal KDC (or even an MIT
>one)? I couldn't find any relevant info from a web search.
It's not possible to extract the Kerberos keys directly without using
the proprietary Active Directory replication protocol.
However you can get the NT OWFs using a tool such as "pwdump2", which
can be imported as keys with type KEYTYPE_ARCFOUR.