From 2f9e3120bbd7ef6b7459fccb5b740b6542b13c57 Mon Sep 17 00:00:00 2001
From: Chetan Risbud <crisbud@redhat.com>
Date: Wed, 27 Nov 2013 17:14:35 +0530
Subject: Additional Parameters to create keytab file

Minor changes to explicitly set keyversion number as 0 and
encryption method while creating keytab file on Windows AD server.
This has been noticed on different windows 2008 server that they set
different kvno by default. So just making sure it to be 0 as expected by
mod_auth_kerb.

Bug: N/A

Change-Id: Ic114e4964745abfe97fbfcd575b5205bd6aaf171
Signed-off-by: Chetan Risbud <crisbud@redhat.com>
Reviewed-on: http://review.gluster.org/6370
Reviewed-by: Prashanth Pai <ppai@redhat.com>
Tested-by: Prashanth Pai <ppai@redhat.com>
Reviewed-by: Luis Pabon <lpabon@redhat.com>
---
 doc/swiftkerbauth_guide.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/swiftkerbauth_guide.md b/doc/swiftkerbauth_guide.md
index 144bf59..e18c7ef 100644
--- a/doc/swiftkerbauth_guide.md
+++ b/doc/swiftkerbauth_guide.md
@@ -48,7 +48,8 @@ Copy keytab file to client:
 
 Add a HTTP Kerberos service principal:
 > c:\>ktpass.exe -princ HTTP/fcclient.winad.com@WINAD.COM -mapuser
-> auth_admin@WINAD.COM -pass Redhat*123 -out c:\HTTP.keytab
+> auth_admin@WINAD.COM -pass Redhat*123 -out c:\HTTP.keytab -crypto DES-CBC-CRC
+> -kvno 0
 
 Use winscp to copy HTTP.ketab file to /etc/httpd/conf/http.keytab
 
-- 
cgit