Skip to content
  • Guides
    • OS X Server 5 Guide (El Capitan and Yosemite)
    • OS X Server 4 Guide (Mavericks)
    • OS X Server 3 Guide (Yosemite)
    • OS X Server 2 Guide (Mountain Lion)
    • Apple Configurator 2 Guide
    • Apple Configurator 1 Guide
    • List Of Mac OS X Error Codes
    • Windows Server 2012
    • Xsan
    • Apple Watch Guide
  • Commands
    • Amazon s3cmd Commands
    • Crosh Commands (ChromeOS Shell Commands)
    • Final Cut Server Commands
    • FTP Commands
    • Linux Bash Commands
    • Mac Commands
    • Podcast Producer Commands
    • Powershell Commands
    • Windows Commands
    • Xsan Commands
  • Reference
    • Common Apple Ports
    • authorizationdb Defaults in macOS 10.14
    • List Of Mac OS X Error Codes
    • CIDR Conversion Table
    • HTML Encoding Reference
    • Nike+ and NikeFuel Badge List
    • Fitbit Badge List
    • Foursquare Badge List
    • Apple Watch Achievements List
    • List of All Swarm Stickers
  • Apple Community
    • Apple Admin Conferences
    • MacAdmins
    • Speaking Engagements
    • Glossary of Apple Terms
  • Whoami
    • whoami
    • Legacy Mac Apps
    • Books
    • Dead Tech Books
    • Clothes
    • Minneapolis Breweries and Distilleries
krypted

Tiny Deathstars

  • Mac OS X Server,  Mac Security

    Leopard and NFS

    February 2, 2008

    Did ya’ know you can Kerberize it?

    Read More
    krypted
  • Mac OS X Server

    Kerberos Management with kadmin.local

    January 19, 2008

    Kerberos can be managed interactively using kadmin.loca or kadmin (which edits the default realm by default):  sudo kadmin.local  To see a list of principals: listprincs To remove principals:  delprinc user@YOUR.KERBEROS.DOMAIN  To add a principal into that database: addprinc user@YOUR.KERBEROS.DOMAIN

    Read More
    krypted
  • Active Directory,  Mac OS X Server,  Mac Security

    Managing the Keytab with ktutil

    December 12, 2007

    clear_list – Clears the current keylist  read_kt or rkt – Reads a krb5 keytab into the current keylist  read_st or rst – Reads a krb4 srvtab into the current keylist  write_kt or wkt – Writes the current key listing into a krb5 keytab  write_st or wst – Writes the current key listing to a krb4 srvtab  add_entry or addent – Adds an entry to the current key listing  delete_entry, delent – Deletes an entry from the current key listing  list – Lists the current key listing  list_requests or lr – Lists available keys 

    Read More
    krypted
  • Mac OS X,  Mac OS X Server,  Mac Security

    Mac OS X: Troubleshooting Kerberos

    October 9, 2007

    First make sure your time is within the acceptable skew.  Then, your first set of tools is kinit, kdestroy, kpasswd.  Or just use the Kerberos.app in /System/Library/CoreServices.  Next is kadmin and kadmin.local.  More on those later.

    Read More
    krypted
  • Mac OS X Server

    Kerberos Keys

    September 28, 2007

    Kerberos uses keys to transmit information between hosts.  There are  session keys and service keys kept in the keytab file on the KDC.  The KDC (Key Distribution Center) then does out keys as needed.  To see the service keys: klist -k /etc/krb5.keytab

    Read More
    krypted
  • Active Directory,  Mac OS X Server,  Mac Security

    What is a Kerberos Realm

    September 27, 2007

    A realm is where the kerberos database is stored.  The realm lives on one computer (KDC) and  can have read-only slave servers (kinda’ like a cluster).  Each realm will have a listing in the following files /private/var/db/krb5kdc/  .k5.FQDN.OF.REALM (secret key)  kdc.conf (configuration file for the KDC)  kadm5.acl (access control list for KDC) 

    Read More
    krypted
  • Mac OS X Server

    Mac OS X Server: Kerberos Realm Name

    September 26, 2007

    Mac OS X Server automatically takes the FQDN for the machine and uses that for the Kerberos realm

    Read More
    krypted
  • Mac OS X,  Mac OS X Server,  Mac Security

    Download Kerberos

    September 25, 2007

    Download it here: http://web.mit.edu/kerberos/dist/

    Read More
    krypted
  • Mac OS X,  Mac OS X Server,  Mac Security

    Build Your Own PAM for OS X

    September 14, 2007

    Despite the deep hatred for the in-state rival, I must admit that Georgia Tech has done something nice for the community here: http://www.math.gatech.edu/~villegas/pam_krb5

    Read More
    krypted
  • Mac OS X Server

    Mac OS X Server: Remove OD

    September 3, 2007

    You can fully remove OD with the following command: slapconfig -destroyldapserver Warning – this will wipe all information, so have a backup for most scenario’s where you’re using this!!!

    Read More
    krypted
 Older Posts
Newer Posts 
Savona Theme by Optima Themes