I use something based on https://github.com/mhorowitz/pykrb5 , wrapped with
gevent.
That makes it easy to continuously monitor hundreds of KDCs with very low
CPU use.
I would advise doing a TGS request rather than AS as that makes it is to
filter these out of your logs. Just create kdcping/hostnam
to figure out by myself the problem, but there's no error on any log
of the server components (kdc,kadmind etc.)
Could some of you give me some suggestions?
Regards,
Andrea
--
Andrea Cirulli
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Don't know why but did not receive any attachment and your email, I just saw it
in the kerberos digest.
Can you do ls -lart /etc/krb* and
ls -lart /etc/krb5/*
And then try to resend me the output log of the truss command.
Regards,
Il giorno 30/dic/2009, alle ore 19.30, Andrea Cirul
amp;1
and then in the output seek where the kadmin.local is looking for the
configuration file you will find some errors like ENOENT
Let me know.
Bye,
Andrea
Il giorno 30/dic/2009, alle ore 18.02, kerberos-requ...@mit.edu ha scritto:
> Message: 6
> Date: Wed, 30 Dec 2009 20:09:36 +0530
&
want to use the administration password you can use the keytab
> for administration with -k option.
>
> Be aware that your password does not contain special characters ( ! & ..) in
> that case you have to insert the password between 'PASSWORD'.
>
> Bye,
> An
can NTP server?
>
> > -Original Message-
> > From: kerberos-boun...@mit.edu
> > [mailto:kerberos-boun...@mit.edu] On Behalf Of Andrea Cirulli
> > Sent: Friday, April 17, 2009 4:37 PM
> > To: kerberos@mit.edu
> > Subject: kerberos and time zone
> >
lpful.
Thanks in advance.
--
Andrea Cirulli
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
in advance.
--
Andrea Cirulli
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
anks
On Tue, Mar 25, 2008 at 4:54 PM, Jeffrey Altman <
[EMAIL PROTECTED]> wrote:
> Andrea wrote:
> > Hi all,
> > I'm looking for a way to force the KDC server to release only
> > addressless tickets, that is, even if a client is looking/asking for
> &g
btain what I said above?
P.S: The solution on which I have to put just into krb5.conf an entry
such as noaddresses=true doesn't accomplish my goal.
Thanks in advance,
Best regards,
Andrea
Kerberos mailing list Kerberos@mit
esolve these problem??
Unfortunately, I can't do anything on the systems and on the network
so I have to resolve the problem from a Kerberos point of view.
Thanks in advance,
Best regards,
Andrea
Kerberos mailing list Kerberos@mit.ed
EMAIL PROTECTED]([EMAIL
PROTECTED])s/@.*//
auth_to_local = DEFAULT
}
On 17 Mar, 21:44, "Markus Moeller" <[EMAIL PROTECTED]> wrote:
> Hi Andrea,
>
> a user [EMAIL PROTECTED] in not the same as a user [EMAIL PROTECTED] You need
> to
> tell a serve
chine with a ticket of SOLARIS2 REALM.
I want to ask to you:
Am I missing something on the configuration?
Is necessary to set up for each user on the system a .k5login?
Is it possible to avoid using the .k5login?
Thanks in advance!
best regards,
A
On 11 Mar, 20:17, Andrea <[EMAIL PROTECTED]> wrote:
> On 11 Mar, 08:46, [EMAIL PROTECTED] wrote:
>
>
>
> > Hi,
>
> > Okay... I think I've found the issue. Apparently there is a problem when
> > running kpropd from inetd. A little googling turned up other
On 11 Mar, 08:46, [EMAIL PROTECTED] wrote:
> Hi,
>
> Okay... I think I've found the issue. Apparently there is a problem when
> running kpropd from inetd. A little googling turned up others that have
> had thie same issue. This is probably a side effect of the fork/exec by
> inetd. Does anyone kno
dding this
particular realm is the only thing to do making the cross realm
authentication working.
Any suggestions?
Am i missing something for the correct configuration,
thanks in advance guys!
--
Andrea Cirulli
Kerberos mailing list Kerber
vance!
--
Andrea Cirulli
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
/local/var/krb5kdc/principal -p /usr/local/sbin/
kdb5_util -a /usr/local/var/krb5kdc/kadm5.acl
Connection from colcascms
krb5_recvauth(5, kprop5_01, host/[EMAIL PROTECTED], ...)
authenticated client: host/[EMAIL PROTECTED] (etype == DES cbc mode
with CRC-32)
It seems that the slave KDC accept
usr/local/var/krb5kdc/principal -p /usr/local/sbin/
kdb5_util -a /usr/local/var/krb5kdc/kadm5.acl
Connection from colcascms
krb5_recvauth(5, kprop5_01, host/[EMAIL PROTECTED], ...)
authenticated client: host/[EMAIL PROTECTED] (etype == DES cbc mode
with CRC-32)
It seems that the slave KDC a
I finally got SSO with Kerberos working on a Solaris 9, but now I have
some problem on setting the correct pam.conf.
My goal is to authenticate with Kerberos or LDAP or Passwd in this
order, anyone has a working fine pam.conf for this setting.
Thx in advance
_
On 8 Feb, 18:21, "Douglas E. Engert" <[EMAIL PROTECTED]> wrote:
> Andrea wrote:
> > On 7 Feb, 20:37, "Douglas E. Engert" <[EMAIL PROTECTED]> wrote:
> >> Andrea wrote:
> >>> Hi all,
> >>> I'm experiencing some pr
On 7 Feb, 20:37, "Douglas E. Engert" <[EMAIL PROTECTED]> wrote:
> Andrea wrote:
> > Hi all,
>
> > I'm experiencing some problem on kerberizing ssh on Solaris 9 with MIT
> > Kerberos,
>
> > I have the following setting:
>
> > 1. Sun So
Hi all,
I'm experiencing some problem on kerberizing ssh on Solaris 9 with MIT
Kerberos,
I have the following setting:
1. Sun Solaris 5.9
2. MIT Kerberos KDC 1.6.3 ( I use just the kdc from the MIT Kerberos)
3. On Kerberos client side I used the one from Solaris from the
following packet: SUN
better solution between CGI-BIN and
JPL??
Thanks in advance guys!!!
Best regards,
Andrea
On 15 Gen, 09:48, Andrea <[EMAIL PROTECTED]> wrote:
> Hello,
> i work with Vincenzo Carnuccio.
> Now we have tried the Perl extension and it seems that it works fine.
> We are trying also w
Hello,
i work with Vincenzo Carnuccio.
Now we have tried the Perl extension and it seems that it works fine.
We are trying also with jni project on ONNV-gate.
We will inform you about.
Thank you!
On 14 Gen, 21:33, Russ Allbery <[EMAIL PROTECTED]> wrote:
> "Greg Wallace" <[EMAIL PROTECTED]> write
en the user and kerberos which maps the
certificates in credentials allowing Kerberos to authenticate the user
himself.
Thanks in advance,
Andrea
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
AP, I'm in an
hard situation, with an extremely non-regular LDAP tree, how to find
the correct mapping to the correct identity???
Thanks in advance,
Andrea
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Any suggestions about how to use Kerberos in OpenLDAP through SASL
mechanisms or some other mechanism?
thx in advance,
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Ok! All is well now!
Thanks
Andrea Chiesa
"Turbo Fredriksson" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Quoting "Andrea Chiesa" <[EMAIL PROTECTED]>:
>
> > > #/usr/kerberos/sbin/kadmin
&
I've got the same problem. I've just configured DNS to resolv the hostname
where I put KDC/Kadmin and I also have added a line in /etc/hosts but
nothing happens. Have you resolved this problem? Thanks
Andrea Chiesa
"Ben Ocean" <[EMAIL PROTECTED]> wrote in message
[EMA
30 matches
Mail list logo