Reading a keytab file on Windows
I created a keytab file using msktutil command on a Linux host.
msktutil -c -b "CN=COMPUTERS" -s HTTP/<xxxx> -h <xxx> -k /tmp/my.keytab --computer-name xyz --upn HTTP/xxxx --server <myserver> --verbose --enctypes 28
I copied this to a Windows host where I try to load this into my application and use it for client login.
But I am getting the following decryption error when I run the example application:
Decrypting_Error: error decrypting EncPart of AS_REP < Decrypting_Error: error decrypting AS_REP encrypted part: matching key not found in keytab. Looking for "testuser" realm: MYLAB.LOCAL kvno: 2 etype: 18
I then copied the keytab (created using msktutil) from my Linux host to Windows AD Server and tried to read it using ktpass. This output doesn't match the output I get when I run klist -k <ktabfile> on Linux host.
Output from ktpass look like below:
ktpass /in .\my.keytab
Existing keytab:
Keytab version: 0x502
keysize 58 myhost$@MYDOMAIN.LOCAL ptype 1 (KRB5_NT_PRINCIPAL) vno 4 etype 0x17 (RC4-HMAC) keylength 16 (0xe59d026909ef6aca8943ae0df7f1ccaf)keysize 4 @ ptype 74 (**Unknown**) vno 77 etype 0x594c (Unknown) keylength 16706 (0x2e4c4f43414c00086d797371756964240000000165098f700400120020894bbc73dc00a1a710331a55ba688e8df884eb7380362f24672dc4fca831f52d000000040000003a0001000b4d594c41422e4c4f43414c00084d595351554944240000000165098f700400170010e59d026909ef6aca8943ae0df7f1ccaf000000040000003a0001000b4d594c41422e4c4f4341....
My query is should ktpass be able to read a ktab file creating by msktutil ? If yes, why don't output from ktpass (on Windows) and ktlist (on Linux) on the same keytab file match ?
Thank you.
-Manju