Kerberos - Key Distribution Center (KDC)
Table of Contents
1 - About
Key Distribution Center. A machine that issues Kerberos tickets.
The KDC is a service that should only be running on a domain controller. The service name is “Kerberos Key Distribution Center”. Basically the KDC is the service that is responsible for authenticating users when Kerberos is used.
2 - Articles Related
3 - Components
The KDC implements two server components:
4 - Management
4.1 - List
- klist from Windows
Current LogonId is 0:0x7f51cb6 The kerberos KDC binding cache has been queried successfully. KDC binding cache entries: (1) #0> RealmName: DOMAIN_NAME.LOCAL KDC Address: 10.10.174.5 KDC Name: hostname.domainName.local Flags: 0 DC Flags: 0xe000f1fc -> GC LDAP DS KDC TIMESERV CLOSEST_SITE WRITABLE FULL_SECRET WS DS_8 PING DNS_DC DNS_DOMAIN DNS_FOREST Cache Flags: 0
4.2 - Add
4.2.1 - Windows
ksetup /addkdc RealmName hostname.domainName.local
- klist add_bind doesn't work …
klist.exe add_bind RealmName hostname.domainName.local
Current LogonId is 0:0x7f51cb6 Error calling DsGetDCName: 0x5 klist failed with 0x5/5: Access is denied.