David Carlin wrote:
Berkeley has a set of instructions for their students to do this. Their
AD also uses Kerberos for authentication:
http://calnetad.berkeley.edu/documentation/interoperability/#item1
It seems to have the students install a .reg file which has the same
effect as
I have a file server on the campus active directory that contains the
home directories for all the users of campus computer lab. I would like
for students to be able to connect to a share and access their files
from their dorm PCs not on the active directory. The complication here
is since
Jeffrey Altman wrote:
The user should then be able to browse with explorer and as long as they
use their full User Principal Name as known to the Active Directory
domain, they will be able to access the shares.
The active directory domain name is ADS. The Kerberos Realm is
INS.CWRU.EDU...
Hello!
I have managed to get to work SSO authentication between windows XP
(sp2) and windows server 2003. So when user is logged in to windows and
starts application, which I have made, authentication is done by
Krb5LoginModule. If TGT is found from the cache, authentication is
succesfull,
Mary,
I don't know if you already resolved this but here what I did:
Server1 = my local server
Server2 = server causing the eventid 3
1. server1 was receiving Eventid3:
A Kerberos Error Message was received:
on logon session
Client Time:
Server Time: 19:40:41.
If the Java application is requesting your username and password,
then it is not attempting to obtain Kerberos tickets from the Microsoft
LSA cache. Instead it is obtaining tickets and storing them for you
in a file based cache. Therefore, it does not matter if you lock and
unlock your desktop
David Carlin wrote:
I have a file server on the campus active directory that contains the
home directories for all the users of campus computer lab. I would like
for students to be able to connect to a share and access their files
from their dorm PCs not on the active directory. The
If you are using native ticket cache, Java Krb5LoginModule will obtain
the native TGT from the ticket cache via LSA API. If you are using a
file-based ticket cache, Java Krb5LoginModule will obtain the TGT from
your file-based cache. However if the ticket obtained from the ticket
cache is no
When prompted for username/password using Java Krb5LoginModule, the TGT
obtained is not stored in any file-based cache, it will be stored in the
JAAS subject. If the TGT already exists in the JAAS subject, it will be
used for authentication.
Please read my email in response to your question on
Hi,
I'm new to kerberos.I have been reading the docs on your site and google
more,but still don't understand well.
As far as I know,LDAP and Samba can work well as a single-sign-on in the
combination of windows and *nix-like env.But strictly speaking,it is so
called single-password in a central
10 matches
Mail list logo