Re: Problem with Kerberos ticket keytab

You could also give this parameter of msktutil a try:

flush
    Flushes all principals for the current host or service account from the keytab, and deletes servicePrincipalName from AD.




On 2018-02-05 16:55, Flashdown wrote:
I am answering too fast, but I am writing in my little break, so sorry
for that :D Forget my last mail regarding "to call it correctly", that
was misleading and wrong. Sure, you are talking about the HTTP SPNs
which have the same KVNO. So if you want to get rid of it, delete the
computer object, as you are updating all the SPNs that the Computer
Object holds. If you use the Attribute Editor you may be able to modify the
attribute servicePrincipalName and delete the wrong one and recreate
the keytab afterwards, without deleting the Computer Object at all.



On 2018-02-05 16:39, Flashdown wrote:
Just to call it correctly, what is wrong is the host principal after
you have deleted the computer object and waited for the object to
disappear on other DCs as well (if you have replication between DCs)
and rejoined it, it should be as you want it to be. Hope this helps
with your setup.

On 5 February 2018 16:12:29 CET, Flashdown
<flashdown@xxxxxxxxxxxxx> wrote:

Delete the Computer Object in Active Directory to clear these SPNs
up.

On 5 February 2018 15:54:26 CET, erdosain9
<erdosain9@xxxxxxxxx> wrote:

Hi to all.

Squid was working fine, but I made a mistake and... deleted the
proxy.keytab. I tried to create it again, but made a mistake in the
syntax.

Wrong syntax (the real name is not squidproxy.domain.lan, it is
squid.domain.lan):

msktutil -c -b "CN=COMPUTERS" -s HTTP/squidproxy.domain.lan \
    -k /etc/squid/PROXY.keytab --computer-name SQUIDPROXY-K \
    --upn HTTP/squidproxy.domain.lan --server adw-1.domain.lan \
    --verbose --enctypes 28

Now I have put the syntax right, but the keytab is wrong... why??

Correct syntax:

msktutil -c -b "CN=COMPUTERS" -s HTTP/squid.domain.lan \
    -h squid.domain.lan -k /etc/squid/PROXY.keytab \
    --computer-name SQUIDPROXY-K --upn HTTP/squid.domain.lan \
    --server adw-1.domain.lan --verbose --enctypes 28

[root@squid squid]# ktutil
ktutil:  read_kt PROXY.keytab
ktutil:  l
slot KVNO Principal
---- ---- -------------------------
   1   18 squidproxy-k$@DOMAIN.LAN
   2   18 squidproxy-k$@DOMAIN.LAN
   3   18 squidproxy-k$@DOMAIN.LAN
   4   18 HTTP/squidproxy.DOMAIN.lan@xxxxxxxxxx
   5   18 HTTP/squidproxy.DOMAIN.lan@xxxxxxxxxx
   6   18 HTTP/squidproxy.DOMAIN.lan@xxxxxxxxxx
   7   18 host/squid.DOMAIN.lan@xxxxxxxxxx
   8   18 host/squid.DOMAIN.lan@xxxxxxxxxx
   9   18 host/squid.DOMAIN.lan@xxxxxxxxxx
  10   18 HTTP/squid.DOMAIN.lan@xxxxxxxxxx
  11   18 HTTP/squid.DOMAIN.lan@xxxxxxxxxx
  12   18 HTTP/squid.DOMAIN.lan@xxxxxxxxxx

Why squidproxy.DOMAIN.LAN????????? What can I do to solve this???

Thanks to all!!

--
Sent from:
http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html

-------------------------

squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
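
Added example (not part of the thread and not msktutil's or Squid's own code): a shell function that reads a ktutil listing like the one above and reports service principals whose host part is not the expected FQDN, which is how the leftover HTTP/squidproxy entries can be spotted before and after cleaning up the SPNs. The sample listing is constructed from the thread's output with DOMAIN.LAN assumed as the realm in place of the masked one; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: report keytab service principals whose host is not the expected FQDN.

# Constructed sample, modelled on the ktutil listing in the thread.
# The realm DOMAIN.LAN is an assumption (it is masked in the archive).
sample_listing() {
cat <<'EOF'
slot KVNO Principal
---- ---- -------------------------
   1   18 squidproxy-k$@DOMAIN.LAN
   2   18 squidproxy-k$@DOMAIN.LAN
   3   18 squidproxy-k$@DOMAIN.LAN
   4   18 HTTP/squidproxy.DOMAIN.lan@DOMAIN.LAN
   5   18 HTTP/squidproxy.DOMAIN.lan@DOMAIN.LAN
   6   18 HTTP/squidproxy.DOMAIN.lan@DOMAIN.LAN
   7   18 host/squid.DOMAIN.lan@DOMAIN.LAN
   8   18 host/squid.DOMAIN.lan@DOMAIN.LAN
   9   18 host/squid.DOMAIN.lan@DOMAIN.LAN
  10   18 HTTP/squid.DOMAIN.lan@DOMAIN.LAN
  11   18 HTTP/squid.DOMAIN.lan@DOMAIN.LAN
  12   18 HTTP/squid.DOMAIN.lan@DOMAIN.LAN
EOF
}

# stale_principals EXPECTED_FQDN
# Reads a ktutil listing on stdin; prints "<entries> <principal>" for every
# service/host principal whose host part differs from EXPECTED_FQDN.
stale_principals() {
  awk -v want="$1" '
    # Entry rows start with a numeric slot and KVNO; machine accounts
    # (name$@REALM) carry no "/" and are skipped.
    $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /\// {
      split($3, p, "@"); split(p[1], s, "/")
      if (tolower(s[2]) == tolower(want)) next   # DNS names compare case-insensitively
      if (!($3 in n)) order[++k] = $3            # remember first-seen order
      n[$3]++                                    # one keytab entry per enctype
    }
    END { for (i = 1; i <= k; i++) print n[order[i]], order[i] }
  '
}

# Expected host from the thread: squid.domain.lan
sample_listing | stale_principals squid.domain.lan
```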