On Thu, 2016-03-24 at 14:12 +0100, Andreas Ladanyi wrote:
> The login should also (like on the old system) be possible from a client
> outside the kerberos realm, so a username/password popup should appear.
If the basic auth header is received the browser will either show a
popup, or just send
Hi,
Following are my setup details :
=> AIX version 6
=> MIT Kerberos version 1.12.4
=> Windows Server 2008 KDC.
Our kerberos authentication API dynamically loads MIT Kerberos and calls
its APIs via function pointer. It works fine in Linux.64 and Windows.
We have done two file changes for
Hi,
i want to migrate from mod_auth_kerb to mod_auth_gssapi.
config of the old system:
===
Apache 2 (Linux), mod_auth_kerb, Mantis IT web plattform configured with
basic auth in the config.php
Apache config for the directory entry of the mantis plattform:
AuthName bla
AuthType
Hey Tim,
>> Have you tried using kinit without --canonicalize against AD, while
>> playing around with the case?
> Yes, kinit NAME results in NAME@REALM principal in cache. kinit name results
> in name@REALM. This is what I am trying to avoid since I want a consistent
> principal name using the
Rick,
>Have you tried using kinit without --canonicalize against AD, while
>playing around with the case?
Yes, kinit NAME results in NAME@REALM principal in cache. kinit name results in
name@REALM. This is what I am trying to avoid since I want a consistent
principal name using the case of the
Hi Tim,
> When I configure Kerberos on a Mac OSX system, and login to the Mac
> and then run klist I see a principal name which is lower case but in
> AD the principal name is mixed case.
I heard before that AD accepts case changes (hearsay). Not sure if that
only reflected on the realm, or
