[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Windows machine accounts and keytabs
On Mon, 14 Jan 2008 14:51:37 +0100
> When configuring a Windows workstation to use a Heimdal KDC (
> ), you issue the command ksetup /setmachpassword.
> I have two questions about this command :
> 1) where is this "machine password" stored in the system( the windows
> registry ? SAM ? ) ?
Somewhere you can't get to it.
> 2) is it possible to generate a host/hostname.example.com principal with
> a random-key on the KDC, extract to a keytab, and import this keytab
> into the workstation without having to enter a password ?
No. There's no way to import or export a keytab representing the machine
account of a Windows workstation.
Michael B Allen
PHP Active Directory SPNEGO SSO