Xu, Qiang (FXSGSC) wrote: >> -----Original Message----- >> From: kerberos-boun...@mit.edu >> [mailto:kerberos-boun...@mit.edu] On Behalf Of Michael Str?der >> Sent: Wednesday, March 18, 2009 2:34 PM >> To: kerberos@mit.edu >> Subject: Re: SASL authentication >> >> Did you try command-line option -A when invoking kinit as I >> suggested in my previous posting? It seems you probably >> should read a bit more about how Kerberos works especially >> regarding ticket types. There are tons of docs out there. > > Yes, I have tried the option -A. Originally I was using "kinit -f ...". Now I > am using "kinit -f -A ...". As far as I know, the option -A is "do not > include addresses". I can't see any gain here. After using -A option, the > error msg is still "82 Local error" when doing SASL binding. > >>From Google, I can only get a small number of materials on how to create a >>service principal under Windows 2003 Server. But they are all somewhat >>ambiguous, and I still can't figure out how to create a keytab file for LDAP >>client's use. >
Start with: http://technet.microsoft.com/en-us/library/bb742433.aspx Then look for ksetup program and 2003. Also look at Samba for net join and windbind and also look for msktutil. Solaris has a script to do this > Thanks, > Xu Qiang > ________________________________________________ > Kerberos mailing list Kerberos@mit.edu > https://mailman.mit.edu/mailman/listinfo/kerberos > > -- Douglas E. Engert <deeng...@anl.gov> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
