Hi there,
Where can I find the manual pages for the krb5_get_init_creds_password
function ? I try to understand what the prompter function is used for:
is it used to prompt the user for a password (if the 'password' argument
is NULL) and/or to prompt the user for a new password if the current
Markus Moeller wrote:
Check also the kvno (key version number). 2000 doesn't increment it, whereas
2003 does, so you can get different kvnos from 2000 and 2003 kdcs. But there
is a patch form MS which allows to configure 2003 to act like a 2000 kdc wrt
to kvnos.
If you have the MIT KfW or
Matt wrote:
So, to sum up, if I am failing to accept service tickets that I am
recieving as described above with error 31 BAD_INTEGRITY, do you think
I should add a permitted_enctypes entry with the relevant ciphers(The
Windows KDC appears to be using RC4-HMAC or DES-CBC-MD5, depending on
No, unfortunately that's just client software. I got a message from MIT's
staff and there currently is no KDC implementation for Windows.
From: Balakrishnan, Sivakumar [EMAIL PROTECTED]
To: D. Musicant [EMAIL PROTECTED],[EMAIL PROTECTED]
CC: kerberos@mit.edu
Subject: RE: Where donwload MIT KDC
I'm facing a problem where an app leveraging gssapi on one of my linux
boxes fails to decrypt service tickets it recieves from clients. The
tickets are issued by a Windows KDC. The failure returned by gssapi is
kerberos error 31 (decimal) AP_ERR_BAD_INTEGRITY.
I am wondering if this related to
Apologies if anybody sees this twice... I believe my first post failed.
I'm facing a problem where a server side app leveraging gssapi on one
of my linux boxes fails to honor all service tickets that are presented
to it by clients. The tickets are issued by a Windows KDC. The failure
returned by
hi all,
fairly new to kerberos here. i've got the book o'reilly kerberos the
definitive gude and followed the procedure in chapter 4 and have a
successful master kdc and it's working. i'm trying to create my first
slave kdc, and the book gets a little less detailed (pg63). log into
each kdc,
I'm actually speaking about the enc-part of the Kerberos packet itself,
not in the ticket. Is this the part you were speaking of?
Our problem is that we're trying to validate the password for the user
when we receive the AS-REP packet, but for some reason, we cannot find
where to get the
Maybe this helps (from
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/4a1daa3e-b45c-44ea-a0b6-fe8910f92f28.mspx
)
Markus
KRB_AS_REP Message Contents
The message includes:
. A TGS session key for the user to use with the TGS, encrypted with
the user key
On Sep 29, 2005, at 14:32, NetSteady wrote:
I'm actually speaking about the enc-part of the Kerberos packet
itself,
not in the ticket. Is this the part you were speaking of?
Any EncryptedData object. The specs in RFC 3961 specify how
encryption is done. For all (I believe) currently
gss-server
sim_server
sserver
uuserver
krb5-send-pr
login.krb5
klogind
What are these binaries and where is the documentation for these
programs ?
basically Iam looking for a program that would allow access to a port
after authentication.
e.g., I run my http server[non kerbarized] on PC-X:80 ;
11 matches
Mail list logo
