| getaaakcdaccountResult Structure Definition |
The getaaakcdaccountResult structure defines the return type for getaaakcdaccount API. |
Syntax |
Members |
rc |
If the method succeeds, rc is 0 else rc > 0. Values above 0x8000 indicate Warnings. |
message |
If the method succeeds, message is NULL else message contains Error/Warning message. |
aaakcdaccountList |
List of aaakcdaccounts |
| aaakcdaccount Structure Definition |
The aaakcdaccount structure defines the actual return type values for getaaakcdaccount API. |
Syntax |
Members |
kcdaccount |
The KCD account name. |
keytab |
The path to the keytab file. If specified other parameters in this method need not be given |
principle |
SPN extracted from keytab file. NOTE: This attribute is deprecated. This attribute is deprecated. Please do not configure this |
kcdspn |
Host SPN extracted from keytab file. |
realmstr |
Kerberos Realm. |
delegateduser |
Username that can perform kerberos constrained delegation. |
kcdpassword |
Password for Delegated User. |
usercert |
SSL Cert (including private key) for Delegated User. |
cacert |
CA Cert for UserCert or when doing PKINIT backchannel. |
userrealm |
Realm of the user |
enterpriserealm |
Enterprise Realm of the user. This should be given only in certain KDC deployments where KDC expects Enterprise username instead of Principal Name |
servicespn |
Service SPN. When specified, this will be used to fetch kerberos tickets. If not specified, Citrix ADC will construct SPN using service fqdn |
saltexpression |
Salt expression used by Kerberos impersonation. When configured, this expression will be used for key
derivation with AES-128 or AES-256 encryption types. For RC4 encryption, the salt is not used.
If the salt expression is not set, the default behavior is to derive the salt value from the Kerberos principal. |
_nextgenapiresource |
See Also |