Does anyone can help me?
When I try to start kadmin I always get the following message after entering
my password:
"kadmin: Communication failure with server while initializing kadmin interface"
KDC is running fine and I also get tickets with kinit. kadmin.local ist also
running fine.
Only ka
I have hard time to get the posix prompter to run under kfw 2.5. Here is the
scenario:
- kfw 2.5 on Windows 2000/XP (with all the service packs/hotfixes/patches)
- user with the expired password tries to initialized tickets v.5 via kinit:
kinit -5
The result of the above is
"Cannot find KDC for
Digant Kasundra wrote:
>
> > That is the only way to do it. There is no term called
> > "pass-through" authentication within Kerberos. The
> > authentication between the MIT and Microsoft realms are based
> > on cross-realm trusts. This is exactly what is described on the page:
>
> I guess I
> That is the only way to do it. There is no term called
> "pass-through" authentication within Kerberos. The
> authentication between the MIT and Microsoft realms are based
> on cross-realm trusts. This is exactly what is described on the page:
I guess I am using the phrase "pass-through" a
According to the CVS archive, the last version of KfW kinit.exe to
behave as you describe was KfW 2.0. KfW 2.0 prompted for the password
prior to calling krb5_get_init_creds_password() because it was designed
to obtain the krb4 tickets first. As of KfW 2.1, the kinit_prompter
function is registe
I have hard time to get the posix prompter to run under kfw 2.5. Here is the
scenario:
- kfw 2.5 on Windows 2000/XP (with all the service packs/hotfixes/patches)
- user with the expired password tries to initialized tickets v.5 via kinit:
kinit -5
The result of the above is
"Cannot fin
Does anyone know if this really works?
I put the following entry in the kdc.conf (and I also tried the
krb5.conf), and it doesn't complain, but it also doesn't seem to
actually DO anything.
[logging]
kdc = FILE://kdc.log
kdc_rotate = {
period = 1d
Digant Kasundra wrote:
> I think that's one of the ways you can do it, but that setup isn't
> considered "pass-through authentication," which is what we are going for.
That is the only way to do it. There is no term called "pass-through"
authentication within Kerberos. The authentication betwe
> That is not the way it works. The user would login with
> [EMAIL PROTECTED] and get a ticket,
> krbtgt/[EMAIL PROTECTED] This is done from the
> Kerberos realm. Then when the user needed to access a Windows
> resource, such
> as the local workstation during login, A cross realm ticket
> wou
KDC MIT 1.3.1(same pb with 1.3.2beta), and yes, the user principal in
the MIT KDC have a key of type RC4-HMAC. (It work without preauth attribute)
Denis Rousset
Jeffrey Altman a écrit:
> Which version of MIT Kerberos is the KDC?
>
> And more importantly, does the user principal in the MIT KDC h
10 matches
Mail list logo
