On Mon, Dec 27, 2010 at 05:20:19AM +, Victor Sudakov wrote:
> That's great, but at least at the initialization stage, how is a
> shared key for the corresponding krbtgt principals transferred between
> the two KDCs?
>
> The Windows "New Trust" wizard just asks for a password and never
> offers
Victor Sudakov writes:
> I am just curious. What Windows client programs and Unix server programs
> (or vice versa) must you use? How do you use this trust?
We allow all Active Directory users at Stanford to log on either in the AD
realm or in the university Heimdal realm, and try to set up as m
On Mon, Dec 27, 2010 at 05:20:19AM +, Victor Sudakov wrote:
> Nicolas Williams wrote:
> > > 1. If a cross-realm trust is configured, do the realms' KDCs ever have to
> > > exchange any traffic between each other?
>
> > No, they do not.
>
> That's great, but at least at the initialization stag
Nicolas Williams wrote:
> > 1. If a cross-realm trust is configured, do the realms' KDCs ever have to
> > exchange any traffic between each other?
> No, they do not.
That's great, but at least at the initialization stage, how is a
shared key for the corresponding krbtgt principals transferred bet
Russ Allbery wrote:
> > 2. Are there any success stories of servers in a Heimdal realm
> > authenticating users from a trusted Microsoft AD based realm?
> Yes, we do this.
I am just curious. What Windows client programs and Unix server
programs (or vice versa) must you use? How do you use this t
Here is a small sample progam which crashes with 1.8.1 and 1.8.3, 1.9 but
works with 1.6.1.
BTW I can export acceptor security contexts but not initiator contexts.
Markus
/* test export of security context
*/
#include
#include
#include
#include
int main(void) {
#define SERVICENAME "HTTP"