Versions Compared

Old Version 2

changes.mady.by.user Mari Fuglem

Saved on

compared with

New Version 3

changes.mady.by.user August Heltne

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A quick review of the syntax:

Command / parameter

Description

Command / parameter

Description

Code Block
ktpass

ktpass is pre-installed in Windows 2008 onward. Located in c:\Windows\System32

Code Block
/princ HTTP/issues.example.com@EXAMPLE.LOCAL

HTTP is always used for web servers, also when using https.

issues.example.com is the canonical DNS name of JIRA

EXAMPLE.LOCAL is the Kerberos realm name of the Active Directory Domain

Code Block
/mapuser svc-jirasso-issues@EXAMPLE.LOCAL

Maps the /princ name above to the account svc-jirasso-issues.

ktpass will add this attribute on the account:

Code Block
servicePrincipalName: HTTP/issues.example.com
Code Block
/crypto AES2568-SHA1

Specifies the encryption type used when generating keys in the keytab. Must match the account supported encryption type.

Code Block
/ptype KRB5_NT_PRINCIPAL

The general ptype, recommended by Microsoft.

Code Block
/out c:\issues.example.com

Output location of the generated keytab file

...