Owner manual
1-85
IM 04L41B01-17E
Using the Ethernet Interface
1
2
3
4
5
6
App
Index
About Mapping
Mapping is the establishment of an association between the host principal and the host
account. In the example below, the setting “princ” is associated with the setting “mapuser.”
The association is accomplished through the use of the ktpass tool.
•
Open the command prompt, and execute the ktpass command.
ktpass Settings
Setup Item Windows Server
2003
Windows Server
2008
Example
princ host/(host principal)@(realm name) host/dxadv@EXAMPLE.
COM
pass Password record-1
crypto ARC4 RC4-HMAC-NT RC4-HMAC-NT RC4-HMAC-NT
AES128 AES128-SHA1
AES256 AES256-SHA1
mapuser Host account dxadv
ptype KRB5_NT_PRINCIPAL KRB5_NT_PRINCIPAL
out (Destination folder name)\(file name).keytab c:\temp\dxadv.keytab
Mapping Example
ktpass -princ host/dxadv@EXAMPLE.COM -pass record-1 -crypto
RC4-HMAC-NT -mapuser dxadv -ptype KRB5_NT_PRINCIPAL -out c:\
temp\dxadv.keytab
Note
• Use the ktpass tool after you install the support tools offered by the server.
• Be sure to make the realm name all caps.
• You can only set crypto to All when using Windows Server 2008.
• Use the same encryption method for the user and host accounts.
• ARC4 (ARCFOUR) is an encryption algorithm that is compatible with RC4.
• The “out” setting can be omitted.
ktpass Execution Example (Windows Server 2003)
This execution example is different from the configuration example.
1.14 Using the Password Management Function (/AS1 option)