Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
Let's uplevel a bit. To me PAGs provide a useful distinction between processes in some sort of session, sharing some common characteristics, one that is better than environment variables in that it is easily (cheaply) observable from the IPC peers. PAGs have, for me, at least these uses: - As

Re: Solaris ssh pam_krb

2006-04-03 Thread Jeffrey Hutzelman
On Monday, April 03, 2006 11:11:14 AM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: Let's uplevel a bit. To me PAGs provide a useful distinction between processes in some sort of session, sharing some common characteristics, one that is better than environment variables in that it is

Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
On Mon, Apr 03, 2006 at 01:23:48PM -0400, Jeffrey Hutzelman wrote: On Monday, April 03, 2006 11:11:14 AM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: Let's uplevel a bit. To me PAGs provide a useful distinction between processes in some sort of session, sharing some common

Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
On Mon, Apr 03, 2006 at 02:27:36PM -0400, Jeffrey Hutzelman wrote: Now, the issue is that when you're talking about a caching distributed filesystem, your identity affects not only what credentials are used to establish connections to fileservers on your behalf, but also what you are allowed

Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
On Mon, Apr 03, 2006 at 02:27:36PM -0400, Jeffrey Hutzelman wrote: On Monday, April 03, 2006 12:56:34 PM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: That I'd rather count references to network credentials from sessions than from processes that might have done a seteuid() to temporarily

Help needed on LSP

2006-04-03 Thread Ganesh
Dear Kerberos, I downloaded the latest LSP code from the Microsoft website; there were a few errors I corrected and it is working fine. The problem I am facing is that if some other LSP is going to be on top and my LSP is going to be in the middle, it does not get loaded. I have seen some other

In the TGS_REQ packet, KDC_REQ_BODY is missing

2006-04-03 Thread Surendra Babu
Hi Team, Thank you for your information. Thanks a lot for your guidance. Could you please let me know your thoughts on how TGS_REQ packet generation happens? What steps should be followed? In my TGS_REQ packet, KDC_REQ_BODY fields are missing. Please find attached my capture file. Please have a

Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
On Sat, Apr 01, 2006 at 12:13:31AM -0500, Ken Hornstein wrote: Ken is wrong. Careful, now :-) When I was agreeing with Nico, I was specifically talking about storing Kerberos tickets in the kernel versus something in userspace. I think that there is no technical reason you cannot have a

Re: Solaris ssh pam_krb

2006-04-03 Thread Jeffrey Hutzelman
On Monday, April 03, 2006 02:01:21 PM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: On Mon, Apr 03, 2006 at 02:27:36PM -0400, Jeffrey Hutzelman wrote: Now, the issue is that when you're talking about a caching distributed filesystem, your identity affects not only what credentials are

Re: Solaris ssh pam_krb

2006-04-03 Thread Nicolas Williams
On Mon, Apr 03, 2006 at 04:43:07PM -0400, Jeffrey Hutzelman wrote: On Monday, April 03, 2006 02:01:21 PM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: On Mon, Apr 03, 2006 at 02:27:36PM -0400, Jeffrey Hutzelman wrote: Since you've agreed that PAGs are not a session separation feature I'll

Re: Solaris ssh pam_krb

2006-04-03 Thread Jeffrey Hutzelman
On Monday, April 03, 2006 02:08:46 PM -0500 Nicolas Williams [EMAIL PROTECTED] wrote: File descriptors in Solaris already retain a reference to the cred_t used to open the file. So UID or PAG is not relevant here. Neither is processes with that UID or PAG. What is relevant is references

Kerberos interoperability w/ UNIX systems

2006-04-03 Thread Sasi G
Hi, I am working on bringing a Unix service under AD. To do this I need to map a service principal name (SPN) to an AD account. The MS document specifies using a user account for this, and I have tested with this and it works. However, I am also trying to use a computer account for this.

Password Expiration notifications

2006-04-03 Thread Matthew J. Smith
Hello all, I am using MIT Krb5 1.4.3, and am looking to send an email notification to my users 14 days before their passwords expire. I have cobbled together a Proof-of-Concept using kadmin -q getprinc -terse to scrape the password expiration date from each principal. The PoC works, but seems

Re: Password Expiration notifications

2006-04-03 Thread John Hascall
Are you doing a kprop each night? If so you have the info you need dumped into a text file. John Hello all, I am using MIT Krb5 1.4.3, and am looking to send an email notification to my users 14 days before their passwords expire. I have cobbled together a Proof-of-Concept using kadmin