Pete,
Ideally it should work. But I would suggest you to take dump of KDC database
and then move on to the new hardware.
- Sachin.
On Fri, Oct 23, 2009 at 5:33 PM, peter sands peter_sa...@techemail.comwrote:
Hello,
Currently using kerberos 5.
Soon I plan to migrate this server onto another
Hello,
I was going through the gssapi MIT krb1.6.3 code and I feel there is a
possible bug in kg_ctx_internalize() function defined in
src/lib/gssapi/krb5/ser_sctx.c file.
As I understand the function should unpack entities in the same order in
which they were packed by kg_ctx_externalize()
is not accepting it because the reply is coming
from real ip and not the alias.
When used the real ip for contacting KDC, then it worked fine.
This proves the things.
- Sachin.
On Fri, Feb 22, 2008 at 8:51 AM, Danny Mayer [EMAIL PROTECTED] wrote:
Ken Raeburn wrote:
On Feb 19, 2008, at 02:17, Sachin
it listens just on
TCP or both on TCP UDP ? Any specific reasons behind that ?
Awaiting reply.
- Sachin.
On Fri, Feb 22, 2008 at 1:35 PM, Sachin Punadikar
[EMAIL PROTECTED] wrote:
Ken,
Thanks a lot for the information.
I tested KDC, enabeling it to use a wild-card and UDP only (I removed call
of kadmind it uses wildcard to set up the port for listening.
Any specific reason for having different approaches while setting up ports?
Thanks in advance !!!
- Sachin Punadikar
Kerberos mailing list Kerberos@mit.edu
https
Hi,
here is the formula which governs the ticket_lifetime. So look at it
and make corresponding changes in your configuration
ticket lifetime = minimum of ( max_life from kdc.conf file,
ticket_lifetime from krb5.conf,
Hello,
I have Kerberos (MIT 1.5.4 release) configured as master and slave. At the
client side krb5.conf file I am mentioning kdc=slave-kdc. And this is the
only entry in the krb5.conf file which talks about KDC.
In this scenario if the attribute needchange is set then, it prompts for
the password
or
master_kdc=master-kdc
entry or both.
Jeffrey Altman
Sachin Punadikar wrote:
Hello,
I have Kerberos (MIT 1.5.4 release) configured as master and slave. At
the
client side krb5.conf file I am mentioning kdc=slave-kdc. And this is
the
only entry in the krb5.conf file which talks about KDC
Hi Mike,
Did you tried the below option while running the configure script ? Please
try it. It will give you an option to install the libraries in the location
you desire.
--
By default, `make install' will install all
as Novell wanted to haveits LDAP called eDirectory to be
used as the Kerberos data store for the MIT KDC. This requirement was
originated from a product called SAMBA which uses Kerberos.
- Sachin
On 9/6/06, Sachin Punadikar [EMAIL PROTECTED] wrote:
Hello,
I am having some queries regarding the new
Hello,
I am having some queries regarding the new Kerberos release 1.5.
1. Where can I learn more about , the new feature KDB abstraction layer,
donated by Novell included in the Krb5-1.5 release ?
2. Also wanted to know if MIT Kerberos 1.5 release adheres to RFC 4120 and
RFC 4121 ? I was not
Tom,
I tried code changes suggested by you, and it works fine. Now it is working
as it was working before.
Thanks a lot.
- Sachin.
On 8/16/06, Tom Yu [EMAIL PROTECTED] wrote:
Tom == Tom Yu [EMAIL PROTECTED] writes:
Tom This sounds like a bug in the patch. Try moving the krb5_seteuid(0)
Hi Tom,
I implemented the changes suggested by you for MIT krb5 Security Advisory
2006-001 in the ksu utility. I am always observing below message when I
exit from the ksu shell. I tested it on AIX and Linux. Behavior is same.
--
# ksu tester
Changing uid
was not able to locate this information explicitly anywhere on
the site or the docs ?
Your early reply is appriciated.
Thanks in advance !!!
--
with thanks regards,
Sachin Punadikar
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu
Hello,
I am having a query about KDC.
Does KDC listens for specified UDP/TCP ports on all available network
interfaces ?
Please reply back. Thanks !!!
-Sachin Punadikar
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman
15 matches
Mail list logo