New-WSOneKerberosPrincipal
1.0
This script generates a correct KeyTab file for a WorkspaceONE connector.
For this, VMware provides a rudimentary script as described here:
https://techzone.vmware.com/deploying-premises-vmware-identity-manager-vmware-workspace-one-operational-tutorial
In a standard VMware scenario where the connector machine is a member of the only domain it will provide
Kerberos
For this, VMware provides a rudimentary script as described here:
https://techzone.vmware.com/deploying-premises-vmware-identity-manager-vmware-workspace-one-operational-tutorial
In a standard VMware scenario where the connector machine is a member of the only domain it will provide
Kerberos
This script generates a correct KeyTab file for a WorkspaceONE connector.
For this, VMware provides a rudimentary script as described here:
https://techzone.vmware.com/deploying-premises-vmware-identity-manager-vmware-workspace-one-operational-tutorial
In a standard VMware scenario where the connector machine is a member of the only domain it will provide
Kerberos authentication against, this script works quite similarly to the original setupKerberos.ps1 but
with much more verbose logging and sanity checks built in.
In a multidomain or crossdomain scenario it will generate both correct KeyTab file and correct SPNs for the
principal in Active Directory.
As a small bonus, the user created by this script will have a UPN set and some descriptive features populated.
In order to run this script successfully, you need to complete the Kerberos configuration and deploy it to the connector.
This is needed to have the krb5.conf file which contains the information about domains beinmg served.
Run it elevated from a location of your choice on the connector machine. The log goes in %TEMP%, as does the
backup of krb5.conf and krb5.keytab
Show more
For this, VMware provides a rudimentary script as described here:
https://techzone.vmware.com/deploying-premises-vmware-identity-manager-vmware-workspace-one-operational-tutorial
In a standard VMware scenario where the connector machine is a member of the only domain it will provide
Kerberos authentication against, this script works quite similarly to the original setupKerberos.ps1 but
with much more verbose logging and sanity checks built in.
In a multidomain or crossdomain scenario it will generate both correct KeyTab file and correct SPNs for the
principal in Active Directory.
As a small bonus, the user created by this script will have a UPN set and some descriptive features populated.
In order to run this script successfully, you need to complete the Kerberos configuration and deploy it to the connector.
This is needed to have the krb5.conf file which contains the information about domains beinmg served.
Run it elevated from a location of your choice on the connector machine. The log goes in %TEMP%, as does the
backup of krb5.conf and krb5.keytab
Installation Options
Owners
Copyright
2020 metaBPA.org | Evgenij Smirnov | @cj_berlin
Package Details
Author(s)
- es@it-pro-berlin.de
Tags
VMware WorkspaceONE Kerberos Active Directory
Functions
Write-ScriptLog Import-KRB5ConfigFile Export-KRB5ConfigFile
Dependencies
This script has no dependencies.
Release Notes
Creates the Kerberos principal for a WorkspaceONE connector in single-, multi- and cross-domain scenarios.
FileList
- New-WSOneKerberosPrincipal.nuspec
- New-WSOneKerberosPrincipal.ps1
Version History
| Version | Downloads | Last updated |
|---|---|---|
| 1.0 (current version) | 112 | 7/15/2020 |