Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 4.3.4
Affects Version/s: None
Component/s: None
Labels:
None

Backwards Compatibility:
Fully Compatible
Sprint:
Security 2019-12-16, Security 2019-12-30, Security 2019-01-13, Security 2019-01-27, Security 2020-02-10

Linux Only
We will recommend to users to use “Get-ADUser -Identity app1 -Properties "msDS-KeyVersionNumber"” to check the version. We do not want to query AD directly as it is a LOT of work. This does limit the effectiveness of the check though.

Check the kvno listed in the keytab matches the kvno in Windows
- i.e. Query AD for msDS-KeyVersionNumber
https://blogs.technet.microsoft.com/pie/2018/01/03/all-you-need-to-know-about-keytab-files/
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada2/41a643a1-e423-47ac-b77e-1a6b35c27df7

Assignee:: Adam Cooper (Inactive)

Reporter:: Mark Benvenuto

Participants:: Adam Cooper, Githook User, Mark Benvenuto

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: Sep 04 2019 08:10:43 PM UTC

Updated:: Oct 29 2023 10:17:27 PM UTC

Resolved:: Feb 06 2020 12:03:58 AM UTC