Hi. Trying to get Windows auth to a MIT kdc working.
I've found that windows seems to somehow care about the order of the key/salt types in the principal. eg: kadmin: getprinc bozo Principal: [EMAIL PROTECTED] Expiration date: [never] Last password change: Thu Jun 17 15:43:08 EDT 2004 Password expiration date: [none] Maximum ticket life: 30 days 00:00:00 Maximum renewable life: 30 days 00:00:00 Last modified: Thu Jun 17 15:43:08 EDT 2004 (admin/[EMAIL PROTECTED]) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 Number of keys: 2 Key: vno 11, DES cbc mode with CRC-32, no salt Key: vno 11, DES cbc mode with CRC-32, AFS version 3 Attributes: Policy: [none] with the above, authentication works. BUT kadmin: getprinc bozo Principal: [EMAIL PROTECTED] Expiration date: [never] Last password change: Thu Jun 17 15:43:08 EDT 2004 Password expiration date: [none] Maximum ticket life: 30 days 00:00:00 Maximum renewable life: 30 days 00:00:00 Last modified: Thu Jun 17 15:43:08 EDT 2004 (admin/[EMAIL PROTECTED]) Last successful authentication: [never] Last failed authentication: [never] Failed password attempts: 0 Number of keys: 2 Key: vno 12, DES cbc mode with CRC-32, AFS version 3 Key: vno 12, DES cbc mode with CRC-32, no salt Attributes: Policy: [none] with the above setup, authentication does NOT work. Any thoughts? Thanks! -- ******************************** David William Botsch Consultant/Advisor II CCMR Computing Facility [EMAIL PROTECTED] ******************************** ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
