Chapter 4: Configuring the Library
Working With LDAP User Accounts (Remote Authentication)
96 Quantum Scalar i40 and Scalar i80 User’s Guide
Generating the
Kerberos Service Keytab
File
These instructions are for generating the service keytab file for use with
Microsoft® Active Directory®. If you not using Active Directory, refer to
your Kerberos vendor for instructions on generating this file.
1 Set up an Active Directory domain on the Windows 2003 server.
2 If Active Directory is not already configured, run dcpromo.
3 Windows 2003 servers only: Install Windows Support Tools on the
Windows 2003 server as follows:
a Go to www.microsoft.com and search for “windows server
2003 support tools sp2” or click on the following link:
http://www.microsoft.com/downloads/
details.aspx?FamilyID=96a35011-fd83-419d-939b-
9a772ea2df90&DisplayLang=en
b Download both support.cab and suptools.msi.
c Run suptools.msi to begin installation.
4 Create a computer account in Active Directory.
• Do not select any of the check boxes during creation.
• The account name will be used for <computer account> fields
shown in the following steps.
5 At the command prompt, map SPN to the computer account. Use
the following format:
setspn‐Alibrary/<fqdnoflibrary><computer
account>
For example:
setspn‐Alibrary/delos.dvt.mycompany.comkerbtest
6 At the command prompt, create the keytab file for the SPN. Use one
of the following formats:
• For Windows 2003:
ktpass‐outlibrary.keytab‐princ
library/<fqdnoflibrary>@<realm>
+rndPass‐ptypeKRB5_NT_SRV_HST‐cryptoRC4‐
HMAC‐NT‐mapUser<realm>/computers/<computer
account>
To Next Page
Loading...
Need help?
General
Weight and Dimensions
