On Apr 26, 2005, at 18:12, <[EMAIL PROTECTED]> wrote:
Tried the suggestions below ( changes to dnsglue.c )
First option compiled; but gave the same errors locating KDC.
Okay, so it sounds like there's something wrong in addition to the
overrun.
Second option would not compile. Lots of errors.
We
Tried the suggestions below ( changes to dnsglue.c )
First option compiled; but gave the same errors locating KDC.
Second option would not compile. Lots of errors.
Thanks,
Lamar
--
Date: Tue, 26 Apr 2005 16:36:26 -0400
From: Ken Raeburn <[EMAIL PROTECTED]>
To: Mil
John Harris wrote:
> Greetings,
>
> We're currently looking at increasing the session and ticket encryption
> types for our Unix-based Kerberos clients (command-line and GSSAPI-based
> client/web clients) up to AES.
>
> One of our issues is to continue to support the cross-realm authentication
>
On Apr 26, 2005, at 13:40, Milton Turley wrote:
I have done some research on this problem. The host resolve code does
not complete successfully. I have traced the error to the routine at
/kerberos/mit/krb5-1.4/src/lib/krb5/os/dnsglue.c. In the routine a
call is made to res_ninit to provide dn
I recently ran into the following problem of trying to proxy SPNEGO Kerberos
through an SSL VPN appliance. As you've stated below it does not work. First
is there any documentation as to what the fundamental problem statement is?
Secondly are there any known work arounds or hacks for this is
I have done some research on this problem. The host resolve code does not
complete successfully. I have traced the error to the routine at
/kerberos/mit/krb5-1.4/src/lib/krb5/os/dnsglue.c. In the routine a call
is made to res_ninit to provide dns information for the kdc. res_ninit
updates t
Downloaded KRB5 1.4.1 and the installation worked great with GCC and AIX
make. None of the problems that were encountered with 1.4.0 and the
unbalanced "(".
The problem with:
/usr/local/kerberos/bin/kinit -V
kinit(v5): Cannot resolve network address for KDC in requested realm
while getting init
Greetings,
We're currently looking at increasing the session and ticket encryption
types for our Unix-based Kerberos clients (command-line and GSSAPI-based
client/web clients) up to AES.
One of our issues is to continue to support the cross-realm authentication
with Windows KDCs on campus. As fa
Greetings,
Another integration question...UMich's CITI Group had incremental
propagation and cross-realm authentication patches for older versions of
MIT Kerberos.
Were these integrated into the MIT release as of 1.4+, and if not, does
anyone know if they still work?
John Harris
Campus Data Cent
Hi everyone,
after having changed the allowable maximum lifetimes in the principal db, I
can use kinit with options to ask for tickets valid longer than the default
10h. However, I have not found a way to change this default for pam-krb5,
i.e. how to get a longer ticket from login. I tried to chan
10 matches
Mail list logo
