Dain,
When you use the telnet client to connect to your unix host which unix
user are you trying to connect with and can you login to this unix
account without kerberos being used ? Which version of the CyberSafe
products are you using (KDC and UNIX Client) ? Which company do you
work for ?
If you contact me via. email ([EMAIL PROTECTED]) I will be able
to help you with this support requirement.
Regards, Tim.
[EMAIL PROTECTED] ("Dain Ridnouer") wrote in message
news:<[EMAIL PROTECTED]>...
> Any help on the following problem would be appreciated.
>
> I am trying to set up a cross realm environment between a Microsoft KDC and
> a KDC running in the Unix environment and keep getting "Authorization
> failed" when doing a kerberized telnet from the Microsoft side to Unix. The
> Unix KDC runs the CyberSafe version of kerberos version 5.
>
> Details:
> Microsoft hostname: microkerb.org
> Microsoft realm: MICROKERB.ORG
> Unix hostname: kerbsrvt1.test.org
> Unix Realm: UKREALM
>
> I have read the Microsoft and CyberSafe interoperability papers and set up
> the appropriate trusts and user mappings between the 2 realms (I think).
>
> When I log on an XP machine in the Microsoft realm I get the following
> tickets:
>
> MICROKERB.ORG
> |
> |-- [EMAIL PROTECTED]
> |-- [EMAIL PROTECTED]
> |-- host/xpbox1.microkerb.org
> |-- [EMAIL PROTECTED]
> |-- [EMAIL PROTECTED]
> |-- [EMAIL PROTECTED]
>
> I do the telnet and get the following messages when I turn on debugging:
>
> -------------------------------------------------------------
> Sent: WILL AUTHENTICATION
> Sent: DO ENCRYPT
> Sent: WILL ENCRYPT
> Sent: WILL NAWS
> Rcvd: DO AUTHENTICATION
> Rcvd: SB AUTHENTICATION KERBEROS_V4 SERVER|MUTUAL KERBEROS_V5 SERVER|MUTUAL
> 0 1 2 1 0
> Rcvd: WILL ENCRYPT
> Rcvd: DO ENCRYPT
> Sent: WILL ENCRYPT
> Rcvd: SB ENCRYPT SUPPORT 1 2
> Rcvd: DO NAWS
> Sent: WILL NAWS
> Sent: SB NAWS 0 50 0 28
> Rcvd: DO TERMINAL TYPE
> Sent: WILL TERMINAL TYPE
> Rcvd: DO TSPEED
> Sent: WONT TSPEED
> Rcvd: DO XDISPLOC
> Sent: WONT XDISPLOC
> Rcvd: DO ENVIRON
> Sent: WONT ENVIRON
> Rcvd: SB TERMINAL TYPE 1
> Sent: SB TERMINAL TYPE 0 56 54 31 30 30
> _telnetd: Authorization failed.
> Remote Host Closed
> --------------------------------------------------------
>
> In the Unix log I get:
>
> Oct 23 14:19:10 kerbsrvt1 telnetd[11334]: connection from
> xpbox1.microkerb.org at ipaddr xxx.xx.xxx.xxx
> Oct 23 14:19:11 kerbsrvt1 telnetd[11334]: $TELNETD-E-C00008B6, Authorization
> failed
>
> After this I get the following additional tickets for the Unix realm.
>
> UKREALM
> |
> |-- krbtgt/UKREALM
> |-- host/kerbsrvt1.test.org
>
>
> Could my mappings be wrong? It appears that I get my cross realm ticket
> then fail using it. Any suggestions for changes or additional debugging
> that I can be using?
>
> Thank You,
> Dain
>
>
>
>
> _________________________________________________________________
> Protect your PC - get McAfee.com VirusScan Online
> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
>
> ________________________________________________
> Kerberos mailing list [EMAIL PROTECTED]
> http://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
