Registering the Kerberos principals to the KDC database
After Active Directory users for Kerberos authentication are created, register the Kerberos principals to the KDC database.
To register Kerberos principals to the KDC database.
- Open the command-line and run ktpass command to register the principal to KDC database.
For example,
ktpass -princ nfs/storage-server.mydomain.com@MYDOMAIN.COM -mapuser MYDOMAIN\username -pass <password> -ptype KRB5_NT_PRINCIPAL -crypto All -out storage-server.keytab
Where MYDOMAIN\username is the User logon name (pre-Windows 2000) in the user property page.
Note:
Password must be the password of the Active Directory user. Otherwise, the previous password will be modified.