User Tools
регистрация_ключей_принципалов_в_kdc
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
регистрация_ключей_принципалов_в_kdc [2012/07/17 12:58] val |
регистрация_ключей_принципалов_в_kdc [2023/02/18 14:05] val [MIT (Linux)] |
||
|---|---|---|---|
| Line 3: | Line 3: | ||
| ===== Регистрация принципалов пользователей в базе данных kerberos ===== | ===== Регистрация принципалов пользователей в базе данных kerberos ===== | ||
| + | ==== MIT Linux/(Debian/Ubuntu) ==== | ||
| + | <code> | ||
| + | root@server:~# kadmin.local | ||
| + | </code><code> | ||
| + | kadmin.local: addprinc user1 | ||
| + | ... | ||
| + | Enter password for principal "user1@CORPX.UN": kpassword1 | ||
| + | Re-enter password for principal "user1@CORPX.UN": kpassword1 | ||
| + | ... | ||
| + | kadmin.local: addprinc user2 | ||
| + | ... | ||
| + | kadmin.local: listprincs | ||
| + | ... | ||
| + | user1@CORPX.UN | ||
| + | ... | ||
| + | kadmin.local: quit | ||
| + | |||
| + | root@server:~# kadmin.local -q 'addprinc -pw kpassword2 user2' | ||
| + | |||
| + | root@server:~# kadmin.local -q 'change_password -pw kpassword1 user1' | ||
| + | </code> | ||
| ==== HEIMDAL (FreeBSD) ==== | ==== HEIMDAL (FreeBSD) ==== | ||
| <code> | <code> | ||
| Line 17: | Line 38: | ||
| kadmin> quit | kadmin> quit | ||
| - | </code> | ||
| - | |||
| - | ==== MIT (Linux) ==== | ||
| - | <code> | ||
| - | root@server:~# kadmin.local | ||
| - | |||
| - | kadmin.local: addprinc user1 | ||
| - | ... | ||
| - | Enter password for principal "user1@CORPX.UN": kpassword1 | ||
| - | Re-enter password for principal "user1@CORPX.UN": kpassword1 | ||
| - | ... | ||
| - | kadmin.local: addprinc user2 | ||
| - | ... | ||
| - | kadmin.local: listprincs | ||
| - | ... | ||
| - | user1@CORPX.UN | ||
| - | ... | ||
| - | kadmin.local: quit | ||
| </code> | </code> | ||
| Line 54: | Line 57: | ||
| ===== Использование протокола GSSAPI на примере sshd ===== | ===== Использование протокола GSSAPI на примере sshd ===== | ||
| - | GSSAPI Generic Security Services Application Program Interface | + | * GSSAPI Generic Security Services Application Program Interface |
| - | + | * [[Сервис SSH#Аутентификация с использованием протокола GSSAPI]] Сервис SSH | |
| - | [[Сервис SSH#Аутентификация с использованием протокола GSSAPI]] | + | |
| ===== Регистрация рабочих станций windows в KDC ===== | ===== Регистрация рабочих станций windows в KDC ===== | ||
| - | !!! Необходимо все системы корректно прописать в прямой и реверс зоне DNS !!! | + | |
| ==== HEIMDAL (FreeBSD) ==== | ==== HEIMDAL (FreeBSD) ==== | ||
| Line 67: | Line 69: | ||
| kadmin> add host/client2.corpX.un | kadmin> add host/client2.corpX.un | ||
| ... | ... | ||
| - | Pa$$w0rd | + | host/client2.corpX.un@CORPX.UN's Password: 12345678 |
| ... | ... | ||
| kadmin> list * | kadmin> list * | ||
| Line 79: | Line 81: | ||
| kadmin.local: addprinc -e rc4-hmac:normal host/client2.corpX.un | kadmin.local: addprinc -e rc4-hmac:normal host/client2.corpX.un | ||
| ... | ... | ||
| - | Enter password for principal "host/client2.corpX.un@CORPX.UN": Pa$$w0rd | + | Enter password for principal "host/client2.corpX.un@CORPX.UN": 12345678 |
| ... | ... | ||
| kadmin.local: listprincs | kadmin.local: listprincs | ||
| - | kadmin.local: | + | или |
| + | |||
| + | root@server:~# kadmin.local -q 'addprinc -e rc4-hmac:normal -pw 12345678 host/client2.corpX.un' | ||
| </code> | </code> | ||
| Line 95: | Line 99: | ||
| ==== MIT (Linux) ==== | ==== MIT (Linux) ==== | ||
| <code> | <code> | ||
| + | kadmin.local: delprinc HTTP/gate.CORPX.UN@CORPX.UN | ||
| </code> | </code> | ||
регистрация_ключей_принципалов_в_kdc.txt · Last modified: 2024/01/25 14:46 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
