--- R Howard <[EMAIL PROTECTED]> wrote:
> Date: Fri, 4 Oct 2002 10:47:23 -0700 (PDT)
> From: R Howard <[EMAIL PROTECTED]>
> Subject: RE: microsoft xp gssapi client talking to
> solaris8 gssapi server
> To: "Paul B. Hill" <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>
> Thanks for the info. I followed
It is now time to get a Solaris machine to authenticate to my
live MIT Kerberos V KDC.
Unfortunately for me, I don't know any Solaris :)
Anyone know of any good HOWTO/FAQ on getting this to work?
Preferably one that don't require TO much 'reading between
the lines'...
__
Quoting Luke Howard <[EMAIL PROTECTED]>:
> >> "Luke" == Luke Howard <[EMAIL PROTECTED]> writes:
> >
> >Luke> Last time I looked into it, the MIT backend API was nowhere
> >Luke> near as simple as Heimdal's. So, we are very unlikely to do
> >Luke> so.
> >
> >Chicken :)
>
> Well, w
Em Mon, Oct 07, 2002 at 06:01:06AM +1000, Luke Howard escreveu:
> Well, why don't you just use Heimdal? Unless you are a vendor with
> an existing investment in MIT Kerberos, I would not expect this to
> be a major problem; you can still keep your MIT clients. :-)
Unfortunately there are interope
I work at Ohio University where we are using Kerberos to authenticate
users who are using a calendaring program now called Oracle Calendar (it was
CorporateTime) the authentication seems to be working fine for me except
from home where I am behind a linksys hub/router. It actually acts like
e
>> We don't actively maintain this backend; we have an internal
>> LDAP KDC backend that uses a different schema, and that's
>> where our efforts are focused at present.
>
>And this is based on Heimdal?
Yes. (We added support for dynamically loadable backends to
Heimdal.)
-- Luke
--
Luke Howard
It depends what version of Solaris you are running and whether
you are using the Kerberos that comes with Solaris (SEAM) or
if you have installed MIT KRB5 on your Solaris box.
If you are running Solaris 8 or 9 and using the Solaris Kerberos
stuff (SEAM), which is based on MIT KRB5, then all you
Actually davidchr wrote:
> Our gssapi samples do not speak the same wireprotocol as the
> corresponding gssclient/gssserver in the MIT distribution because ours
> are based on an earlier implementation. See Paul's email on this
> (attached).
>
> If you need the samples to test interop between th
> "Wyllys" == Wyllys Ingersoll <[EMAIL PROTECTED]> writes:
Wyllys> The problems with the newer MIT GSS samples and the MS
Wyllys> samples are not due to GSSAPI/SSPI incompatibilities, but
Wyllys> because MIT added some new "tokens" and flags that the
Wyllys> client and servers
Title: Kerb/PKI Infrastructure - Who's on first?
Help, I'm thoroughly confused. What is the best recommended direction for single
authentication being proposed by the IETF, or is there? I can see Kerb feeding public key
applications a TGT or visa versa from PKI app's with PKINIT. It looks
Quoting Luke Howard <[EMAIL PROTECTED]>:
> >> We don't actively maintain this backend; we have an internal
> >> LDAP KDC backend that uses a different schema, and that's
> >> where our efforts are focused at present.
> >
> >And this is based on Heimdal?
>
> Yes. (We added support for dynamically
>> Yes. (We added support for dynamically loadable backends to
>> Heimdal.)
>
>How long did it take you (and 'your' crew) to do this? Design not
>included (man hours that is)?
Writing the original LDAP backend for Heimdal took me about a week,
if I remember correctly. (There is no 'crew'. :-))
12 matches
Mail list logo
