I am trying to enable smartcard logins to a MIT Kerberos domain using
the recent PK-INIT preauth plugin. I am using Ubuntu 8.10 with it's
stock Kerberos 1.6.4 packages except for pkinit.so recompiled with
-DDEBUG. I have a server certificate installed on the KDC with the
extended key usage id_pki
the main challenge is you need a database that supports kerberos. not
many do
oracle -> yes but you gotta pay extra and its kinda funky
db2 -> yes but kinda funky
mysql -> no (but people are working on it)
sybase - no
postgres -> I think yes
the easiest is to use IIS and MSSQL - then it just work
> "FG" == Frank Gruellich writes:
FG> Hi, I have set up a Kerberos realm. A user and a service (let's
FG> say a database) are both included as principals in KDC database
FG> and the service restricts access to */dbu...@example.com. User
FG> and service can communicate perfec
Hi,
I have set up a Kerberos realm. A user and a service (let's say a
database) are both included as principals in KDC database and the
service restricts access to */dbu...@example.com. User and service can
communicate perfectly using a database CLI at the users machine.
Now these days CLIs are
Magdaleno Benitez wrote:
> I had earlier posted about help with setting up kerberos on a windows
> 2003 enterprise server R2 x64. I think I get what is and have set it up
> properly by using the group domain policy to enable and disable the
> settings i want and I had the KDC service also enabl
I had earlier posted about help with setting up kerberos on a windows
2003 enterprise server R2 x64. I think I get what is and have set it up
properly by using the group domain policy to enable and disable the
settings i want and I had the KDC service also enabled and installed
IIS. I also have
On Mar 3, 2009, at 08:47, zhaoyang mao wrote:
> Can i use one machine as the kdc server and the openldap server?
Certainly, that should work fine.
Some people would suggest, though, that you run different services on
different machines so that an accidental compromise of one doesn't
impact th
Can i use one machine as the kdc server and the openldap server?
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Hi All ,
I have recently developed this issue while configuring
microsoft KDC in mixed environments.
My environment is unix client and server and windows
server 2003 KDC .
I have registered an SPN unix/a.b.c.d under a user unix1
in windows KDC .
I fetch a keytab using ktpass standard hotfix