I guess: If you use a non-Windows KDC, you'll have difficulties to set up
authorization for your Windows users.
(I know MIT Kerberos is not designed for authorization, but i try to be
pragmatic).
So, I think this is a fairly good approach.
Claude
-Original Message-
From: azimuth 1 [mailto:
Hello,
I want to enable someone the access to my account by using the .k5login
file. I did all necessary things and immediatly started off by trying:
shell% ksu toka
Nevertheless I wasn't able to get toka's ID but /home/toka contains the
.k5login file with my principal. Furthermore there's the f
In this white paper available at the address: www.microsoft.com/windows2000/
techinfo/howitworks/security/kerbint.asp.
I concluded that a good alternative for a network using Active Directory would be to
use a Windows KDC, the
one available with windows 2000 as a privileged proceess of AD. (Th
Sam,
I get now some authorisation data on the server after krb5_rd_req, but I
still cannot get the MS details. From the below I would think the
tkt->enc_part2->authorisation_data.contents could be associated with the
PACTYPE structure, but it doesn't fit (meaning cBuffers and version values
don't
Now I'm do some developping of kerberos protocol. But I meet a problem which make
me confused. I use a RH9 kdc server and program my own client peer. I succeed in
AS-REQ and AS-REP analization. But when I send TGS-REQ to the KDC, it give me an ERROR
reply. The e-code is "KRB_AP_ERR_SKEW" and
Hi,
have anybody sucessfully build krb5 on Linux-x86_64? I just searched the
mail archive and can't find the answer.
I'm trying to build krb5 on Opteron, which installed suse8:
(1)
./configure --prefix=/krb5 --enable-shared --without-krb4
checking if DNS Kerberos lookup support should be
