Fortinet black logo

CLI Reference

config user krb-keytab

config user krb-keytab

Configure Kerberos keytab entries.

config user krb-keytab
    Description: Configure Kerberos keytab entries.
    edit <name>
        set keytab {string}
        set ldap-server <name1>, <name2>, ...
        set pac-data [enable|disable]
        set principal {string}
    next
end

config user krb-keytab

Parameter

Description

Type

Size

Default

keytab

base64 coded keytab file containing a pre-shared key.

string

Maximum length: 8191

ldap-server <name>

LDAP server name(s).

LDAP server name.

string

Maximum length: 79

name

Kerberos keytab entry name.

string

Maximum length: 35

pac-data

Enable/disable parsing PAC data in the ticket.

option

-

enable

Option

Description

enable

Enable parsing PAC data in the ticket.

disable

Disable parsing PAC data in the ticket.

principal

Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.

string

Maximum length: 511

config user krb-keytab

Configure Kerberos keytab entries.

config user krb-keytab
    Description: Configure Kerberos keytab entries.
    edit <name>
        set keytab {string}
        set ldap-server <name1>, <name2>, ...
        set pac-data [enable|disable]
        set principal {string}
    next
end

config user krb-keytab

Parameter

Description

Type

Size

Default

keytab

base64 coded keytab file containing a pre-shared key.

string

Maximum length: 8191

ldap-server <name>

LDAP server name(s).

LDAP server name.

string

Maximum length: 79

name

Kerberos keytab entry name.

string

Maximum length: 35

pac-data

Enable/disable parsing PAC data in the ticket.

option

-

enable

Option

Description

enable

Enable parsing PAC data in the ticket.

disable

Disable parsing PAC data in the ticket.

principal

Kerberos service principal, e.g. HTTP/fgt.example.com@EXAMPLE.COM.

string

Maximum length: 511