# net ads info
…
Last machine account password change: Ср, 20 мар 2024 12:36:35 EET
# net ads info -U <user>
Last machine account password change.
/etc/krb5.keytab) содержит корректную информацию:
# klist -ke
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
1 host/work.test.alt@TEST.ALT (aes256-cts-hmac-sha1-96)
1 host/WORK@TEST.ALT (aes256-cts-hmac-sha1-96)
1 host/work.test.alt@TEST.ALT (aes128-cts-hmac-sha1-96)
1 host/WORK@TEST.ALT (aes128-cts-hmac-sha1-96)
1 host/work.test.alt@TEST.ALT (DEPRECATED:arcfour-hmac)
1 host/WORK@TEST.ALT (DEPRECATED:arcfour-hmac)
1 restrictedkrbhost/work.test.alt@TEST.ALT (aes256-cts-hmac-sha1-96)
1 restrictedkrbhost/WORK@TEST.ALT (aes256-cts-hmac-sha1-96)
1 restrictedkrbhost/work.test.alt@TEST.ALT (aes128-cts-hmac-sha1-96)
1 restrictedkrbhost/WORK@TEST.ALT (aes128-cts-hmac-sha1-96)
1 restrictedkrbhost/work.test.alt@TEST.ALT (DEPRECATED:arcfour-hmac)
1 restrictedkrbhost/WORK@TEST.ALT (DEPRECATED:arcfour-hmac)
1 WORK$@TEST.ALT (aes256-cts-hmac-sha1-96)
1 WORK$@TEST.ALT (aes128-cts-hmac-sha1-96)
1 WORK$@TEST.ALT (DEPRECATED:arcfour-hmac)
/etc/krb5.keytab):
# kinit -k WORK\$@TEST.ALT
#klistTicket cache: KEYRING:persistent:0:0 Default principal: WORK$@TEST.ALT Valid starting Expires Service principal 21.04.2023 12:25:37 21.04.2023 22:25:37 krbtgt/TEST.ALT@TEST.ALT renew until 28.04.2023 12:25:37 #kdestroy -p WORK\$@TEST.ALT
Важно
/etc/krb5.keytab) соответствует реальному имени машины (см. вывод команды hostnamectl).