How to test Kerberos authentication from ClearPass Policy Manager
We can use the below ClearPass CLI command to check the kerberos authentication of a service principal:
[appadmin@CPPMVM1]# krb auth user@domain-name
1. Login to ClearPass Policy Manager CLI using appadmin login.
2. Use the command - krb auth username@domain-name.
krb auth firstname.lastname@example.org
3. To see the validity of the service principal, use the command - krb list.
1. Test authentication using Krb auth command for the service principal - email@example.com. We were able to authenticate successfully.
2. To see TGT validity of the service principal, use the command:
3. We can also change the password of service principal, when it is expired/needs to be changed at the next logon.