RetroSearch Browse

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/ktpass below:

ktpass | Microsoft Learn

/out <filename> Specifies the name of the Kerberos version 5 .keytab file to generate. Note: This is the .keytab file you transfer to a computer that isn't running the Windows operating system, and then replace or merge with your existing .keytab file, /Etc/Krb5.keytab. /princ <principalname> Specifies the principal name in the form host/computer.contoso.com@CONTOSO.COM. Warning: This parameter is case-sensitive. /mapuser <useraccount> Maps the name of the Kerberos principal, which is specified by the princ parameter, to the specified domain account. /mapop {add|set} Specifies how the mapping attribute is set.

Add - Adds the value of the specified local user name. This is the default.
Set - Sets the value for Data Encryption Standard (DES)-only encryption for the specified local user name.

{-|+}desonly DES-only encryption is set by default.

+ Sets an account for DES-only encryption.
- Releases restriction on an account for DES-only encryption. Important: Windows doesn't support DES by default.

/in <filename> Specifies the .keytab file to read from a host computer that is not running the Windows operating system. /pass {password|*|{-|+}rndpass} Specifies a password for the principal user name that is specified by the princ parameter. Use * to prompt for a password. /minpass Sets the minimum length of the random password to 15 characters. /maxpass Sets the maximum length of the random password to 256 characters. /crypto {DES-CBC-CRC|DES-CBC-MD5|RC4-HMAC-NT|AES256-SHA1|AES128-SHA1|All} Specifies the keys that are generated in the keytab file:

DES-CBC-CRC - Used for compatibility.
DES-CBC-MD5 - Adheres more closely to the MIT implementation and is used for compatibility.
RC4-HMAC-NT - Employs 128-bit encryption.
AES256-SHA1 - Employs AES256-CTS-HMAC-SHA1-96 encryption.
AES128-SHA1 - Employs AES128-CTS-HMAC-SHA1-96 encryption.
All - States that all supported cryptographic types can be used.

Note: Because the default settings are based on older MIT versions, you should always use the /crypto parameter.

/itercount Specifies the iteration count that is used for AES encryption. The default ignores itercount for non-AES encryption and sets AES encryption to 4,096. /ptype {KRB5_NT_PRINCIPAL|KRB5_NT_SRV_INST|KRB5_NT_SRV_HST} Specifies the principal type.

KRB5_NT_PRINCIPAL - The general principal type (recommended).
KRB5_NT_SRV_INST - The user service instance
KRB5_NT_SRV_HST - The host service instance

/kvno <keyversionnum> Specifies the key version number. The default value is 1. /answer {-|+} Sets the background answer mode:

- Answers reset password prompts automatically with NO.
+ Answers reset password prompts automatically with YES.

/target Sets which domain controller to use. The default is for the domain controller to be detected, based on the principal name. If the domain controller name doesn't resolve, a dialog box will prompt for a valid domain controller. /rawsalt forces ktpass to use the rawsalt algorithm when generating the key. This parameter is optional. {-|+}dumpsalt The output of this parameter shows the MIT salt algorithm that is being used to generate the key. {-|+}setupn Sets the user principal name (UPN) in addition to the service principal name (SPN). The default is to set both in the .keytab file. {-|+}setpass <password> Sets the user's password when supplied. If rndpass is used, a random password is generated instead. /? Displays Help for this command.

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4