on 12-16-2014 12:01 PM
Hi,
just a short question.
Do we need to update the keytab file ( SAPSNCSKERB.pse ) with ( crontab )
../SLL/sapgenpse keytab -p SAPSNCSKERB.pse -a USER@DOMAIN.ORG -nopsegen -y " "
like we have to do it in the old SNC connection method ( kinit -k planned in the crontab ) ? or is it enough to build the pse one time.
Are there tickets that will expire ?
sapgenpse keytab -p SAPSNCSKERB.pse -nopsegen
#############################################################################
License Disclaimer SAP NetWeaver Single Sign-On
You are about to configure trust for single sign-on or SNC Client Encryption.
Please note that for single sign-on you require a license for
SAP NetWeaver Single Sign-On.
As exception, the usage of SNC Client Encryption only without SSO is free
as described in SAP Note 1643878.
#############################################################################
keytab: Found keyTab entries in PSE.
keytab: KeyTab content stored:
Version Time stamp KeyType Kerberos name
1 Fri Dec 12 09:43:16 2014 DES USER@DOMAIN.ORG
1 Fri Dec 12 09:43:16 2014 AES128 USER@DOMAIN.ORG
1 Fri Dec 12 09:43:16 2014 AES256 USER@DOMAIN.ORG
1 Fri Dec 12 09:43:16 2014 RC4 USER@DOMAIN.ORG
greetings
Oliver
Hello,
you need to update the Keytab in the PSE file if you change the password of the Service principal user on the Active Directory Domain, that's all.
What you see is the generation time of the Kerberos keys, but there are infinite valid.
The Kerberos service tickets have lifetimes but there will be generated on a per SNC session basis.
best regards
Alexander Gimbel
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
does anyone know the answer ?
push
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.