Securing MarkLogic Server

Creating a Keytab File on Windows

On Windows platforms, the services.keytab file is created using Active Directory Domain Services (AD DS) on a Windows server.

Note

If you are using the MD5 bind method and Active Directory Domain Services (AD DS) on a computer that is running Windows Server 2008 or Windows Server 2008 R2, be sure that you have installed the hot fix described in http://support.microsoft.com/kb/975697.

To create a services.keytab file, do the following:

  1. Using Active Directory Domain Services on the Windows server, create a “user” with the same name as the MarkLogic Server hostname. For example, if the MarkLogic Server is named mysrvr.marklogic.com, create a user with the name mysrvr.marklogic.com.

  2. Create a keytab file with the principal HTTP/hostname using a ktpass command of the form:

    ktpass princ HTTP/<hostname> mapuser <user-account> pass <password> out <filename>

    For example, to create a keytab file for the host named mysrvr.marklogic.com, do the following:

    ktpass princ HTTP/mysrvr.marklogic.com@MLTEST1.LOCAL mapuser mysrvr.marklogic.com@MLTEST1.LOCAL pass mysecret out services.keytab

  3. Copy the services.keytab from the Windows server to the MarkLogic Server data directory on your MarkLogic Server.
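
After step 3 it is worth confirming that the copied file really contains the HTTP/hostname principal and seeing which encryption types its keys use. The following is an added example, not MarkLogic or Microsoft code: it assumes the keytab is in the MIT version 0x0502 layout, the function names are hypothetical, and the sample bytes are constructed with an all-zero dummy key.

```python
import struct
# Kerberos enctype numbers; DES (1, 3) and RC4 (23) are treated as weak here.
ENCTYPES = {1: "des-cbc-crc", 3: "des-cbc-md5", 17: "aes128-cts-hmac-sha1-96",
            18: "aes256-cts-hmac-sha1-96", 23: "rc4-hmac"}
WEAK = {1, 3, 23}

def _counted(buf, pos):                   # 16-bit length prefix, then the bytes
    (n,) = struct.unpack_from(">H", buf, pos)
    return buf[pos + 2:pos + 2 + n], pos + 2 + n

def _parse_entry(buf):
    (ncomp,) = struct.unpack_from(">H", buf, 0)
    parts, pos = [], 2
    for _ in range(ncomp + 1):            # realm first, then name components
        raw, pos = _counted(buf, pos)
        parts.append(raw.decode())
    _ntype, _ts, kvno, etype = struct.unpack_from(">IIBH", buf, pos)
    _key, pos = _counted(buf, pos + 11)   # key bytes are skipped, not returned
    if len(buf) - pos >= 4:               # optional 32-bit kvno overrides 8-bit
        kvno = struct.unpack_from(">I", buf, pos)[0] or kvno
    return {"principal": "/".join(parts[1:]) + "@" + parts[0], "kvno": kvno,
            "enctype": ENCTYPES.get(etype, str(etype)), "weak": etype in WEAK}

def parse_keytab(data):                   # returns a list of entry dicts
    if data[:2] != b"\x05\x02":
        raise ValueError("not a version 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        pos += 4
        if abs(size) > len(data) - pos:
            raise ValueError("truncated keytab entry")
        if size > 0:                      # negative size marks a deleted slot
            entries.append(_parse_entry(data[pos:pos + size]))
        pos += abs(size)
    return entries

def check_keytab(data, expected):
    """Return findings; empty means principal present and no weak enctype."""
    entries = parse_keytab(data)
    out = [] if any(e["principal"] == expected for e in entries) else ["missing " + expected]
    return out + ["weak enctype %s (kvno %d)" % (e["enctype"], e["kvno"])
                  for e in entries if e["weak"]]

def sample_keytab(etype, kvno=3):         # constructed sample, dummy zero key
    cs = lambda s: struct.pack(">H", len(s)) + s.encode()
    body = (struct.pack(">H", 2) + cs("MLTEST1.LOCAL") + cs("HTTP") + cs("mysrvr.marklogic.com")
            + struct.pack(">IIBHH", 1, 0, kvno, etype, 16) + bytes(16) + struct.pack(">I", kvno))
    return b"\x05\x02" + struct.pack(">i", len(body)) + body
```

To check a real file, pass its bytes, for example `check_keytab(open("services.keytab", "rb").read(), "HTTP/mysrvr.marklogic.com@MLTEST1.LOCAL")`. The key material is never printed or returned.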