Topic
Post installation how to create keytab file and use set spn with given domain account.
Instructions
Please follow below steps to get exact keytab file generating command:
1- Open CMD as admin and navigate to C:\Kryon\IDP\Aerobase\Aerobase\bin
2- and Run this command
aerobase-ctl.bat keytab-help RPASVC@TEST.COM (mailto:RPASVC@TEST.COM)
note: RPASVC is the service account used to run services
You will get following output -
##############################################################################
########################## Key Tab HELP commands #############################
# #
# #
# The following commands demonstrate how to set an spn and generate a key #
# tab on windows active directory. #
# Output commands are according to current domain name. #
# #
# #
# 1. setspn #
# setspn -A HTTP/APPSRV.test.com RPASVC@TEST.COM
# #
# 2. crete keytab file #
# ktpass -out RPASVC@TEST.COM.keytab \
-princ HTTP/APPSRV.test.com@TEST.COM \
-mapUser RPASVC@TEST.COM -mapOp set -pass -kvno 0 -crypto all \
-pType KRB5_NT_PRINCIPAL
#
# #
# #
# Copy Commands 1/2 and execute on your Active Directory Server. #
# Use output keytab to configure kerberos integration. #
##############################################################################
##############################################################################