Derek T. Yarnell wrote:
> So I have installed the new krb5-1.4 release on both RHEL3 and Solaris
> 2.8 and found that when I want to talk to my DCE servers I get this,
>
> [EMAIL PROTECTED] bin]$ /opt/UMldap2/bin/kinit [EMAIL PROTECTED]
> kinit(v5): Incorrect net address while getting initial cre
John Harris wrote:
> Greetings,
>
> It looks like as of June last year GSSAPI libraries didn't support AES
> encryption. Do they still not? We have several applications built with
> it and will need to stick to DES3 if it's not shortly forthcoming.
>
> Thanks,
MIT Kerberos 1.4 supports GSSAPI
Greetings,
It looks like as of June last year GSSAPI libraries didn't support AES
encryption. Do they still not? We have several applications built with
it and will need to stick to DES3 if it's not shortly forthcoming.
Thanks,
John Harris
Campus Data Center Administrator
University of Califor
Thanks for your response again Seema. I am able to get SSO to work with
J2SE 1.4.2_07. During all this trial and error at some point I had
started building and running against 1.4.2_04 and didn't realise the
folly since I was always able to get a ticket when I provided my userid
and password, when
So I have installed the new krb5-1.4 release on both RHEL3 and Solaris
2.8 and found that when I want to talk to my DCE servers I get this,
[EMAIL PROTECTED] bin]$ /opt/UMldap2/bin/kinit [EMAIL PROTECTED]
kinit(v5): Incorrect net address while getting initial credentials
[EMAIL PROTECTED] bin]$ /
Although currently Java Kerberos does not support RC4-HMAC etype, this
is not a problem with the encryption type.
JAAS Kerberos authentication does succeed when the user provides the
login/password; this means user has enabled "DES" for this account. If
the AD account settings have "use DES enc
As per your earlier email, you had mentioned that SSO works correctly
with your "test" account, and you do not get prompted for password. Is
this an issue with the another account on the same AD domain ?
JAAS Kerberos login module will acquire the native credentials, provided
you have the corre
On April 4th, Nick Bernstein wrote:
> I'm trying to setup a very simple kerberos authentication
> system for my domain, where there is one Primary KDC and one
> failover KDC, and a lot of other hosts ("clients") which use
> that KDCs to authenticate requests for different services on
> the c
I'm trying to setup a very simple kerberos authentication system for my
domain, where there is one Primary KDC and one failover KDC, and a lot of
other hosts ("clients") which use that KDCs to authenticate requests for
different services on the client hosts. To do this, I've been following the
ori
hi,
one of my application is needing this libcom_err.so.3
how can i install it..
i tried installing krb5-1.2.7-14.1.src.rpm but it gave some warning
..telling some user hany doesn't exist
pls help me solving this..
thx in advance
Jkg
__
Preetam Ramakrishna wrote:
Hi,
Douglas, Thanks for the information. I forgot to mention that
I was using a windows client, i.e., I am trying to map to a w2k server (
part of a win2k domain ). Is it possible to specify the w2k domain name
in this case.
The W2K domain controlers act as the
Markus Moeller wrote:
Has anybody tried to centralise the .k5login by storing this information in
ldap ?
Not, sure, but a good idea. A related way to do this is to use
the auth_to_local = option in the [realms] secion of the krb5.conf
If all your users from one realm SAMPLE1.COM) are trusted as
12 matches
Mail list logo
