{"id":1473,"date":"2019-10-27T11:14:17","date_gmt":"2019-10-27T02:14:17","guid":{"rendered":"https:\/\/knowhow.hirohiro716.com\/?p=1473"},"modified":"2023-01-24T10:53:07","modified_gmt":"2023-01-24T01:53:07","slug":"windows10%e3%81%abkerberos%e8%aa%8d%e8%a8%bc%e3%81%a7%e3%82%b5%e3%82%a4%e3%83%b3%e3%82%a4%e3%83%b3%e3%81%99%e3%82%8b","status":"publish","type":"post","link":"https:\/\/weblog.hirohiro716.com\/?p=1473","title":{"rendered":"Windows10\u306bkerberos\u8a8d\u8a3c\u3067\u30b5\u30a4\u30f3\u30a4\u30f3\u3059\u308b"},"content":{"rendered":"<h4>\u524d\u63d0\u6761\u4ef6<\/h4>\n<pre class=\"brush: plain; gutter: false; title: ; notranslate\" title=\"\">\r\n\u30fb Home\u30a8\u30c7\u30a3\u30b7\u30e7\u30f3\r\n\u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8FQDN\u306fwin01.local.example.com\r\n\u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306ehost\u3092KDC\u4e0a\u3067\u4f5c\u6210\u3057\u3066\u304a\u304f\r\n\u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306ekeytab\u3092\u4efb\u610f\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3067\u751f\u6210\u3057\u3066\u304a\u304f\r\n\u3000 (FreeIPA\u306a\u3089 ipa-getkeytab -s dc1.local.example.com -p host\/win01.local.example.com -k \/etc\/krb5.win01.keytab -P \u306a\u3069)\r\n<\/pre>\n<h4>PC\u540d\u306e\u5909\u66f4<\/h4>\n<p style=\"margin-bottom:2em;\">\n\u306f\u3058\u3081\u306bPC\u540d\u3092win01\u306b\u3057\u3066\u304a\u304f\u3002\n<\/p>\n<h4>\u8a8d\u8a3c\u30b5\u30fc\u30d0\u30fc\u306e\u8a2d\u5b9a<\/h4>\n<p>\u30b3\u30de\u30f3\u30c9\u30d7\u30ed\u30f3\u30d7\u30c8\u3092\u7ba1\u7406\u8005\u3068\u3057\u3066\u8d77\u52d5\u3057\u4e0b\u8a18\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3059\u308b\u3002<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nksetup \/setdomain LOCAL.EXAMPLE.COM\r\nksetup \/setcomputerpassword keytab\u751f\u6210\u6642\u306b\u6307\u5b9a\u3057\u305f\u30d1\u30b9\u30ef\u30fc\u30c9\r\nksetup \/addkdc LOCAL.EXAMPLE.COM dc1.local.example.com\r\nksetup \/addkpasswd LOCAL.EXAMPLE.COM dc1.local.example.com\r\nksetup \/mapuser * *\r\n<\/pre>\n<h4>\u518d\u8d77\u52d5\u3068\u78ba\u8a8d<\/h4>\n<p style=\"margin-bottom:2em;\">\nWindows\u3092\u518d\u8d77\u52d5\u3057\u3066\u3001\u30d5\u30eb\u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u540d\u304cwin01.local.example.com\u306e\u3088\u3046\u306aFQDN\u306b\u306a\u3063\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3059\u308b\u3002\n<\/p>\n<h4>\u6697\u53f7\u5316\u306e\u7a2e\u985e\u3092\u69cb\u6210<\/h4>\n<p>\u30ec\u30b8\u30b9\u30c8\u30ea\u3092\u7de8\u96c6\u3057\u3066\u3001Kerberos\u3067\u8a31\u53ef\u3059\u308b\u6697\u53f7\u5316\u306e\u7a2e\u985e\u3092\u69cb\u6210\u3059\u308b\u3002<br \/>\nRC4_HMAC_MD5\u30fbAES128_HMAC_SHA1\u30fbAES256_HMAC_SHA1\u3092\u6709\u52b9\u306b\u3059\u308b\u306e\u304c\u76ee\u7684\u3002<br \/>\n\u203bgpedit.msc\u304c\u4f7f\u3048\u308b\u306a\u3089GUI\u3067\u8a2d\u5b9a\u3057\u3066\u3082\u826f\u3044<\/p>\n<pre class=\"brush: plain; title: ; notranslate\" title=\"\">\r\nWindows Registry Editor Version 5.00\r\n\r\n&#x5B;HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\Kerberos\\Parameters]\r\n&quot;SupportedEncryptionTypes&quot;=dword:0000001c\r\n<\/pre>\n<h4>\u30ed\u30fc\u30ab\u30eb\u30a2\u30ab\u30a6\u30f3\u30c8\u306e\u4f5c\u6210<\/h4>\n<p style=\"margin-bottom:2em;\">\nkerberos\u8a8d\u8a3c\u3067\u30b5\u30a4\u30f3\u30a4\u30f3\u3059\u308b\u30e6\u30fc\u30b6\u30fc\u3068\u540c\u540d\u306e\u30ed\u30fc\u30ab\u30eb\u30a2\u30ab\u30a6\u30f3\u30c8\u3092\u4f5c\u6210\u3059\u308b\u3002<br \/>\n\u203b\u5b9f\u969b\u306e\u8a8d\u8a3c\u306b\u306f\u4f7f\u308f\u308c\u306a\u3044\u304c\u30d1\u30b9\u30ef\u30fc\u30c9\u306f\u7ba1\u7406\u8005\u5074\u3067\u4f55\u304b\u8a2d\u5b9a\u3057\u305f\u65b9\u304c\u826f\u3044\n<\/p>\n<h4>\u5b9f\u969b\u306e\u30b5\u30a4\u30f3\u30a4\u30f3<\/h4>\n<p style=\"margin-bottom:2em;\">\n\u30b5\u30a4\u30f3\u30a4\u30f3\u3059\u308b\u969b\u306f\u300cuser@LOCAL.EXAMPLE.COM\u300d\u306e\u3088\u3046\u306brealm\u3092\u3064\u3051\u3066\u884c\u3046\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u524d\u63d0\u6761\u4ef6 \u30fb Home\u30a8\u30c7\u30a3\u30b7\u30e7\u30f3 \u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8FQDN\u306fwin01.local.example.com \u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306ehost\u3092KDC\u4e0a\u3067\u4f5c\u6210\u3057\u3066\u304a\u304f \u30fb \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306ekeytab\u3092\u4efb\u610f\u306e\u30d1\u30b9\u30ef\u30fc\u30c9\u3067\u751f\u6210\u3057\u3066 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27,14],"tags":[],"class_list":["post-1473","post","type-post","status-publish","format-standard","hentry","category-freeipa","category-windows"],"views":3260,"_links":{"self":[{"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/posts\/1473","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1473"}],"version-history":[{"count":13,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/posts\/1473\/revisions"}],"predecessor-version":[{"id":2331,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=\/wp\/v2\/posts\/1473\/revisions\/2331"}],"wp:attachment":[{"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/weblog.hirohiro716.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}