Monday, 23 April 2018
Kerberos Key Distribution Centre (KDC) Encryption Types
I'm tinkering with Kerberos and SPNEGO again, in the context of integrating WebSphere Application Server (WAS) and Active Directory together.
This time I'm using WAS 184.108.40.206 and AD 2012.
Looking at the command that generates the Kerberos configuration within WAS: -
AdminTask.createKrbConfigFile("[-krbPath /opt/ibm/WebSphere/AppServer/java/jre/lib/security/krb5.conf -realm UK.IBM.COM -kdcHost ad2012.uk.ibm.com.com -dns uk.ibm.com -keytabPath /home/wasadmin/bpm857.keytab -encryption des3-cbc-sha1]")
I started to wonder about the -encryption switch: -
Looking here: -
prompted me to dig into Windows a bit more.
As per the above link, one place to check the supported Encryption Types is the User Account: -
so, if I so choose, I can lock down the encryption types in one of many ways ...
As a fup to this: - Playing with Kubernetes deployments and NodePort services life is SO much easier if I choose to define the service...
I've just spent ~1 hour trying to get a pair of Powerline adapters to .... pair. This involved pressing a "Pair" button on one...
I saw this exception: - tar: .: Cannot utime: Operation not permitted tar: Exiting with failure status due to previous errors earlier w...
If you're running IBM Notes 9.0.1 and have updated to macOS 10.14 Mojave, be aware that you'll also need to install the most recent ...