I found a HowTo for SSO-Authentication with apache and ActiveDirectory.
In this HowTo they tell me to use following command:
ktpass -princ HTTP/otrsserver.domain1.net@DOMAIN1.NET -mapuser DOMAIN1\OTRSUSER -pass xxxxxxxxx -out c:\temp\otrsserver.keytab
Is it save to issue that command on my productional domain-controller?
Would this have any effect to my domain?
In a test lab I issued the command and got following output:
Targeting domain controller: dc1-test.test.local
Using legacy password setting method
Successfully mapped HTTP/dc-test.test.local to otrs.
WARNING: pType and account type do not match. This might cause problems.
Output keytab to C:\otrsserver.keytab:
Keytab version: 0x502
keysize 77 HTTP/dc1-test.test.local@TEST.LOCAL ptype 0 (KRB5_NT_UNKNOWN
vno 4 etype 0x17 (RC4-HMAC) keylength 16 (0xfcc2sadasdasd8asd39050f2c587af)
Can anybody explain, what is happening there?
Thanks a lot!