How to create keytab file via LDAP?


We can create objects like Users and Groups via LDAP.

The question is how to create a keytab file using LDAP.

I need somehow to run the following command and obtain the ffs.keytab file using LDAP.

ktpass -princ HTTP/[email protected] -mapuser [email protected] -crypto ALL -ptype KRB5_NT_PRINCIPAL -pass +rndPass -out c:\ffs.keytab


There are 2 answers

7
Antonio Leonardo On BEST ANSWER

What do you think about Kerberos.NET? This library contains several features for integrating LDAP with .NET Core applications, including creating keytab files. Here is one thread commented on by Steve Syfuhs, principal contributor to this library.

0
Kumar On

LDAP is a protocol to access the directory, but it cannot be used to run a command on the server. So the answer to your question is that you cannot create a keytab using LDAP.

For a better understanding of the use of Kerberos and LDAP, check the link below: https://stackoverflow.com/a/46188971/3496666

You can create objects like users and groups using LDAP because that is the actual purpose LDAP was designed for: to access the directory and make changes within the directory, whereas a keytab is mainly used for authentication and getting an auth ticket without the need for a password.

If you could explain the purpose of your requirement, someone may have a solution for you in a different way, but not using LDAP.
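
The thread treats the keytab as a local file of key material rather than a directory object, and the command in the question asks for `-crypto ALL`. The following is an added example, not code from the thread or from Kerberos.NET: it serializes and parses entries in the standard version 0x0502 keytab layout and reports which entries use deprecated encryption types. The realm, principal names and all-zero keys are constructed placeholders.

```python
import struct

# Keytab format 0x0502 is big-endian. Enctype numbers for the types ktpass's -crypto option covers.
ENCTYPES = {1: "des-cbc-crc", 3: "des-cbc-md5", 17: "aes128-cts-hmac-sha1-96",
            18: "aes256-cts-hmac-sha1-96", 23: "rc4-hmac"}
WEAK = {1, 3, 23}  # DES (RFC 6649) and RC4 (RFC 8429) are deprecated

def _counted(data):
    return struct.pack(">H", len(data)) + data

def build_entry(realm, components, kvno, etype, key):
    body = struct.pack(">H", len(components)) + _counted(realm.encode())
    body += b"".join(_counted(c.encode()) for c in components)
    # name type 1 = KRB5_NT_PRINCIPAL, timestamp 0, 8-bit kvno, enctype, key
    body += struct.pack(">IIBH", 1, 0, kvno & 0xFF, etype) + _counted(key)
    body += struct.pack(">I", kvno)  # 32-bit kvno extension
    return struct.pack(">i", len(body)) + body

def parse_keytab(blob):  # -> [(principal, kvno, enctype number)] for live entries
    if blob[:2] != b"\x05\x02":
        raise ValueError("not a version 2 keytab")
    pos, out = 2, []
    while pos + 4 <= len(blob):
        (size,) = struct.unpack_from(">i", blob, pos)
        pos += 4
        if size == 0:
            break
        if size < 0:  # hole left by a deleted entry
            pos -= size
            continue
        entry, pos = blob[pos:pos + size], pos + size
        off, fields, ncomp = 2, [], struct.unpack_from(">H", entry, 0)[0]
        for _ in range(ncomp + 1):  # realm first, then the name components
            (n,) = struct.unpack_from(">H", entry, off)
            fields.append(entry[off + 2:off + 2 + n].decode())
            off += 2 + n
        _ntype, _ts, kvno, etype, klen = struct.unpack_from(">IIBHH", entry, off)
        off += 13 + klen
        if len(entry) - off >= 4:  # optional 32-bit kvno, used when non-zero
            kvno = struct.unpack_from(">I", entry, off)[0] or kvno
        out.append(("/".join(fields[1:]) + "@" + fields[0], kvno, etype))
    return out

def weak_entries(blob):
    return [(p, ENCTYPES.get(e, str(e))) for p, _k, e in parse_keytab(blob) if e in WEAK]

# Constructed sample: all-zero bytes stand in for keys, all names are placeholders.
SAMPLE = b"\x05\x02" + b"".join(
    build_entry("EXAMPLE.TEST", ["HTTP", "web.example.test"], 3, e, bytes(n))
    for e, n in {1: 8, 3: 8, 17: 16, 18: 32, 23: 16}.items())
```

Running `weak_entries` over a keytab read from disk lists the principals that still carry DES or RC4 keys, which is the usual reason to narrow `-crypto` to the AES types.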