utkjad/how_to_kerberos.txt

## how_to_kerberos.txt
1.On KDC server login as kadmin.
kadmin -p admin/admin@<realm>

2. Now create Kerberos User. If the user principal is already created, go to step 3.
add_principal -kvno 1 sample@HC1.QA

3.Modify the user principal.
modprinc -maxlife 1days -maxrenewlife 7days +allow_renewable sample
Confirm the same by running following command
get_principal ingestor
Note the value of  Maximum renewable life
Principal:
Expiration date:
Last password change:
Password expiration date:
Maximum ticket life:
Maximum renewable life:
Last modified:
Last successful authentication:
Last failed authentication:

4.Identify the service principal, and renew the same by following step 3.
TODO - How to get service principal.

5.Now, you can create a keytab and use it wherever  you require.


Relevant Links - https://superuser.com/questions/1052153/kerberos-ticket-not-renewable
	1.On KDC server login as kadmin.
	kadmin -p admin/admin@<realm>

	2. Now create Kerberos User. If the user principal is already created, go to step 3.
	add_principal -kvno 1 sample@HC1.QA

	3.Modify the user principal.
	modprinc -maxlife 1days -maxrenewlife 7days +allow_renewable sample
	Confirm the same by running following command
	get_principal ingestor
	Note the value of Maximum renewable life
	Principal:
	Expiration date:
	Last password change:
	Password expiration date:
	Maximum ticket life:
	Maximum renewable life:
	Last modified:
	Last successful authentication:
	Last failed authentication:

	4.Identify the service principal, and renew the same by following step 3.
	TODO - How to get service principal.

	5.Now, you can create a keytab and use it wherever you require.


	Relevant Links - https://superuser.com/questions/1052153/kerberos-ticket-not-renewable