Kerberos Keytabs

[ITHAQVA]

Having spent several weeks on FreeNAS as a complete Noob I thought i'd post this about Kerberos Keytabs. The info that i saw didn't simplify it enough and lead to several attempts.

When active Directory integrating a FreeNAS device and using Kerberos Keytabs I found this worked.

ktpass -out bosso.keytab -princ **********/%%%%%@+++++ /mapuser %%%%%@+++++ /pass “”””” -ptype KRB5_NT_PRINCIPAL -crypto ALL



Key:

********** = Your PDC DNS name

%%%%% = The user name you are using to set up the keytab

+++++ = The domain name

“”””” = The password of the user in the keytab

:)

 

[anodos]

11.3 will automatically generate a kerberos keytab for you during the first domain join. You input credentials once into our GUI, server joined to AD and keytab generated, then bind credentials are cleared.

 

[ITHAQVA]

Thanks Anodos for the info :)


I was having issues with Ad integrating whilst following the documentation for 11.3, but once I carried out keytab instructions all was good. I'll build another FreeNAS and review my process.

Something I'm finding all the time as a very new FreeNAS and Linux user. Understand the documentation don’t just read it. Being a Windows admin has made me incredibly lazy and stupid.