Thanks a lot, Greg. We'll take the patch, apply it, test it and get back to
you. Thanks again.
Prakash
Prakash N | 408 771 4273
On Mon, Feb 3, 2014 at 6:31 PM, Greg Hudson wrote:
> On 02/03/2014 02:26 PM, Prakash Narayanaswamy wrote:
> > Hello, We are trying to get a service (a SMB server) r
On 02/03/2014 02:26 PM, Prakash Narayanaswamy wrote:
> Hello, We are trying to get a service (a SMB server) running on Linux
> kerberized using the GSS API. During the negotiation (SPNEGO), the Windows
> SMB client specifies MS KRB5 (1.2.840.48018.1.2.2) as the preferred
> mechanism and supplies th
Thanks Matt. I'll let you know if we run into any problems.
Jason
---
Jason Edgecombe | Linux and Solaris Administrator
UNC Charlotte | The William States Lee College of Engineering
9201 University City Blvd. | Charlotte, NC
2014-01-20 Jason Edgecombe :
> Hi everyone,
>
> We're trying to set up a Linux compute cluster using torque. I would
> like the jobs to be able to access each user's AFS space by caching the
> user's Kerberos tickets/access.
>
> One solution is auks:
> http://workshop.openafs.org/afsbpw10/talks/we
Thanks for this .
After taking 1.12.1, impersonate name works fine.
but its crapping out on the last init_sec context
Constrained delegation tests follow
---
gss_canonicalize_name: The routine completed successfully
gss_canonicalize_name: Unknown error
gss_display
Hello, We are trying to get a service (a SMB server) running on Linux
kerberized using the GSS API. During the negotiation (SPNEGO), the Windows
SMB client specifies MS KRB5 (1.2.840.48018.1.2.2) as the preferred
mechanism and supplies the initial token. The gss_accept_sec_context method
on the ser
On 02/03/2014 09:41 AM, Rick van Rein wrote:
> Looking at SPNEGO (and probably other protocols as well) I see that the
> server can take the initiative for an GSSAPI exchange, and when doing so, it
> could already challenge the client.
What are you looking at specifically? GSSAPI exchanges begi
On 02/03/2014 06:20 AM, suneetha Nadella wrote:
> Constrained delegation tests follow
> ---
[...]
> gss_init_sec_context: Unspecified GSS failure. Minor code may provide
> more information
> gss_init_sec_context: Matching credential not found
I haven't seen this on
Hello,
GSSAPI-based protocols have an option of challenging a client with a counter
value. This is done after the client submits a ticket.
Looking at SPNEGO (and probably other protocols as well) I see that the server
can take the initiative for an GSSAPI exchange, and when doing so, it could