Search This Blog

Sep 20, 2023

Make a MIT Kerberos client on Windows

Steps

  1. Compose krb5.conf file ( In windows, it's krb5.ini under %programfile%\MIT\Kerberos)
    1. concepts here
    2. samples here
      My sample file



    3. reference here
  2. Ktpass command to generate keytab file
    1. ktpass /out userName.keytab /mapuser userName@johnfoo.tk /princ http/serviceHostName.johnfoo.com@JOHNFOO.TK /pass <pwd> /crpto all /ptype KRB5_NIT_PRINCIPAL
  3. kinit to obtain ticket
    1. kinit -k -t userName.keytab http/serviceHostName.johnfoo.tk@JOHNFOO.TK
  4. klist to verify that ticket was issued successfully