Hi,
Scenario : User A forwards his credentials to User B. User B uses the
forwarded credentials to interact with User C on behalf of user A.
[Delegation]
In windows KDC there is delegation option associated with user properties.
I've set it to Do not trust this user for delegation for User B
Thanks Greg.
It worked when I provided only usercd entry in default keytab file.
On Wed, Feb 5, 2014 at 12:39 AM, Greg Hudson ghud...@mit.edu wrote:
On 02/04/2014 06:54 AM, suneetha Nadella wrote:
Enabled trace.. Logs attached. Looks like its looking into wrong memory
block??
The
Try checking the Account is sensitive and cannot be delegated option
in the user properties and see if that does what you want. (I'm not
sure if it will or not, but I believe this is the option actually
intended to prevent Kerberos delegation.)
CDC
Vipul Mehta wrote, On 2/10/2014 12:50 AM:
On 02/10/2014 01:50 AM, Vipul Mehta wrote:
In windows KDC there is delegation option associated with user properties.
I've set it to Do not trust this user for delegation for User B i.e. User
B will not be able to use delegated credentials.
I believe this option affects the ok-as-delegate
I am trying to install and configure krb5-1.12.1 installed from ports
on an Raspberry Pi running FreeBSD 10-STABLE.
root@krb5ldap:~ # uname -a
FreeBSD krb5ldap 10.0-PRERELEASE FreeBSD 10.0-PRERELEASE #0
r260786+cc2516d(stable/10): Fri Jan 17 20:08:46 CET 2014
On Mon, 10 Feb 2014 17:23:10 -0500
Greg Hudson ghud...@mit.edu wrote:
Just in case this turns out to be a security issue (unlikely, but
always a risk with KDC crashes), I'm taking this to krbcore-security.
On 02/10/2014 04:19 PM, Christopher J. Ruwe wrote:
root@krb5ldap:~ # env