On 1116363066 seconds since the Beginning of the UNIX epoch
Sam Hartman wrote:
>
>>>>>> "Roland" == Roland Dowdeswell <[EMAIL PROTECTED]> writes:
>
>Roland> On 1116021302 seconds since the Beginning of the UNIX
>Roland> epoch
>Ro
provides a pthread_once() that returns true
without calling anything if -lpthread is not specified. We probably
need a more generic solution...
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
Kerberos mailing list
esponding.
>
>If someone has a better idea, please tell me.
Yes, issue a ICMP6_FQDN_QUERY to the host and use its response.
On NetBSD, e.g., ping6 -w will do this. Better than writing a new
service, write a DNS nameserver which will do this and delegate
reverse mapping of IPv6 PTR requests to it.
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
ly convince me to send a DES PA_TIMESTAMP...
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
In our environment, we have noticed that MIT krb5 1.3.1 fails to
use DNS to find KDCs if there are too many entries. We have about
75 AD DCs. Has anyone else noticed this issue?
Thanks,
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric
o you
will have to kinit(1) when you go back to work.
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
st method should work. In general you do not need to
obtain specific tickets for services, you can just use the TGT to
get them. In example 3, you have REALM1 and REALM2: are these different
and if so do you have cross realm trust setup appropriately?
--
Roland Dowdeswell
make it cron-able without writing passwords in the cront
>ab. Is it possible?
If you have the keys in a keytab, then:
$ kinit -S SAPServiceWD2/@ -kt
will get the key from the file .
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
_
ntrol the IP PTR RRs. Even if I
have a secure way of querying the PTR RRs, they are not under my
control and therefore I should not trust them. Or if I have a
machine co-located, the PTR RRs are under the control of the ISP
not me. PTR RRs should not be used (IMO, again) for any security
sensiti
be better
to just use ICMP6 a la ``ping -w host''---at least with IPv6 asking
a host for its name is an implemented standard.
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
Kerberos mailing list Kerbe
10 matches
Mail list logo