Hi,
When applying the command, net ads keytab add HTTP -U administrator
One warning:-
Warning: "kerberos method" must be set to a keytab method to use keytab
functions.
====================================================================
Also see below:-
[root@lx hooks]# ktutil
ktutil: rkt /etc/krb5.keytab
rkt: Unsupported key table format version number while reading keytab
"/etc/krb5.keytab"
ktutil:
cat /etc/krb5.conf
=================
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = SYSNET.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
default_keytab_name = /etc/krb5.keytab
; for Windows 2003
# default_tgs_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
# default_tkt_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
# permitted_enctypes = rc4-hmac des-cbc-crc des-cbc-md5
; for Windows 2008 with AES
default_tgs_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc
des-cbc-md5
default_tkt_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc
des-cbc-md5
permitted_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc
des-cbc-md5
; for MIT/Heimdal kdc no need to restrict encryption type
[realms]
SYSNET.LOCAL = {
kdc = dc1.sysnet.local
admin_server = dc1.sysnet.local
kdc = 192.168.15.40
}
[domain_realm]
.sysnet.local = SYSNET.LOCAL
sysnet.local = SYSNET.LOCAL
-----Original Message-----
From: sichent [mailto:sichent@xxxxxxx]
Sent: Sunday, June 24, 2012 7:57 PM
To: squid-users@xxxxxxxxxxxxxxx
Subject: Re: Squid Kerberos authentication error
Hi,
May be this is of any help? (it uses centos 6 and ad 2008 and samba NOT
mskutils)
http://www.howtoforge.com/web-filtering-on-squid-3-with-quintolabs-content-s
ecurity-1.4-and-windows-active-directory-integration
On 24.06.2012 15:06, Navas wrote:
> One more thing I am using Samba, I could not use mskutil. Is there any
> issue with Kerberos and Samba.
> OS: Redhat EL6.2
> squid-3.1
>
