1
我試圖在Windows Server 2003Windows Server 2003的-Ktpass - 密碼:枚舉值 'RC4-HMAC' 不知道
Ktpass -princ host/[email protected] -mapuser host -pass password -crypto rc4-hmac -out UNIXhost.keytab
我收到以下錯誤上創建的ktpass密鑰表:
crypto: enum value 'rc4-hmac' is not known.
Error: argument for option "crypto" must be one of the following values:
DES-CBC-CRC : for compatibility
DES-CBC-MD5 : default
Command line options:
---------------------most useful args
[- /] out : Keytab to produce
[- /] princ : Principal name ([email protected])
[- /] pass : password to use
use "*" to prompt for password.
---------------------less useful stuff
[- /] mapuser : map princ (above) to this user account (default: don't)
[- /] mapOp : how to set the mapping attribute (default: add it)
[- /] mapOp : is one of:
[- /] mapOp : add : add value (default)
[- /] mapOp : set : set value
[- +] DesOnly : Set account for des-only encryption (default:do)
[- /] in : Keytab to read/digest
---------------------options for key generation
[- /] crypto : Cryptosystem to use
[- /] crypto : is one of:
[- /] crypto : DES-CBC-CRC : for compatibility
[- /] crypto : DES-CBC-MD5 : default
[- /] ptype : principal type in question
[- /] ptype : is one of:
[- /] ptype : KRB5_NT_PRINCIPAL : The general ptype-- recommended
[- /] ptype : KRB5_NT_SRV_INST : user service instance
[- /] ptype : KRB5_NT_SRV_HST : host service instance
[- /] kvno : Override Key Version Number
Default: query DC for kvno. Use /kvno 1 for Win2K compat.
[- +] Answer : +Answer answers YES to prompts. -Answer answers NO.
[- /] Target : Which DC to use. Default:detect
我有兩個問題:
1)這我intendo實現單點登錄使用imap服務的Windows用戶在Centos 6上。雖然可以使用「-crypto rc4-hmac」也可以爲DES-CBC-CRC或DES-CBC-MD5服務。我相信Windows客戶擁有所有加密票證rc4-hmac,這不會讓事情發揮作用,我懷疑我的問題之一就在那裏。
2)有辦法讓Windows Server 2003中,你可以有選擇RC4-HMAC?
感謝您的任何幫助。