Product Documentation

Generating the KCD Keytab Script

Aug 31, 2016

The KCD Keytab Script dialog box generates the keytab script, which in turn generates the keytab file necessary to configure KCD on the NetScaler ADC.

To generate the KCD keytab script by using the configuration utility

  1. Navigate to Security > AAA - Application Traffic
  2. In the details pane, under Kerberos Constrained Delegation, click Batch file to generate keytab.
  3. In the Generate KCD (Kerberos Constrained Delegation) Keytab Script dialog box, fill out the fields as described below.
    • Domain User Name: The name of the domain user.
    • Domain Password: The password for the domain user.
    • Service Principal: The service principal.
    • Output File Name: A filename for the KCD script file.
    • Create Domain User Account: Select this check box to create the specified domain user account.
  4. Click Generate Script to generate the script. The script is generated, and appears in the Generated Script text box below the Generate Script button.
  5. Copy the script, and save it as a file on your AD domain controller. You must now run this script on the domain controller to generate the keytab file, and then copy the keytab file to the /nsconfig/krb/ directory on the NetScaler appliance.
  6. Click OK.