[EMAIL PROTECTED] wrote: > Tunneling sounds like the best option. > > We have over 500 Windows 2000 and Windows 2003 domain > controllers (KDCs in Active Directory), that we don't want to have > to modify or install new software on. These domain controllers > (KDCs) do have SSL properly configured, so I suppose, we could > tunnel the AS-REQ and AS-REP inside of SSL. I'll try this unless > anyone knows of a better way, keeping in mind no major changes > can be made to these Domain Controllers. > > Thanks! > so how would one change the KDC to support SSL? the current kinit process only talk to udp/tcp 88, is there other proposals to do kinit?
-peter ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
