On Mon, 11 Nov 2002 20:43:38 +, Sam Hartman wrote:
> Impirical evidence suggests you're giving an incomplete answer here.
> I have a W2K box on my desk for which I log into an MIT account which
> is mapped by the domain to a domain account. No local account exists.
Hmm not sure how you did t
On Mon, 11 Nov 2002 11:45:26 +, Brian Thompson wrote:
> According to Luke this is theoretically possible:
>
>
>http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-8&frame=right&rnum=11&thl=1010052362,1009746294,1011410969,1011406245,1011372638,1011287500,1011279568,1011265813,1011263816,10
On Sun, 10 Nov 2002 13:36:39 +, Brian Thompson wrote:
> username. If I delete the local account it
> doesn't work. There is an account in the AD
> server with the same username which is the
> proxy account that I really want to use.
>
If you're logging into a non-Windows kerberos account t
On Fri, 08 Nov 2002 17:56:19 +0100, Christian wrote:
> Now, when calling AcquireCredentialsHandle in my SSPI application (
> AcquireCredentialsHandle( NULL, "Kerberos", SECPKG_CRED_OUTBOUND, NULL,
> NULL, NULL, NULL, &cred_handle, &expiry );
> ), I get :
> SEC_E_NO_CREDENTIALS : Error in Acquire
On Fri, 8 Nov 2002 09:58:56 + (UTC), [EMAIL PROTECTED]
("Klaas Hagemann") wrote:
>i have the same problem but i am not that familiar with working on windows.
>So can you please give me a link or send me the compiled version?
>
There's a precompiled version (built from the linux sources) on
www
On Sat, 05 Oct 2002 18:26:08 +, Sam Hartman wrote:
> I am fairly sure you're misusing the term active directory here. It's
> certainly true that you're using an extra DLL or two, and you need to
> have a krb5.ini, but you can use your Windows credentials and Windows KDCs.
I've had an implem
On Fri, 04 Oct 2002 22:51:55 +, Sam Hartman wrote:
> This is of course false. There are two ways you can port Unix GSSAPI
> to Windows. The first is to use MIT's Kerberos for Windows which
> includes a native GSSAPI implementation. The other is to use Martin
> Rex's dll for converting GSS
On Thu, 3 Oct 2002 15:40:50 + (UTC), [EMAIL PROTECTED] (R
Howard) wrote:
>The code I am compiling on XP is from the MS platform
>SDK (2/2002). The server on the solaris box is from
>the krb5-1.2.6 distribution.
>
>I am now trying to port the same gss-client from the
>MIT distribution to the
Apparently there's a but in MIT Kerberos 1.2.3-1.2.6 that breaks
Microsoft clients
(http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=162794&repeatmerged=yes).
The version I'm using seems to have had the first part of the patch
merged but not the second part - although looking at the code I can't
s
On Thu, 3 Oct 2002 11:22:38 + (UTC), [EMAIL PROTECTED] (Turbo
Fredriksson) wrote:
>1. Installed W2k Pro
>2. Installed SP3
>a. Auth to non-M$ KDC requires SP2 or greater!
> SP3 is the latest from M$.
>3. Executed the 'ksetup.exe' comman
On Thu, 3 Oct 2002 05:17:46 + (UTC), [EMAIL PROTECTED] (Turbo
Fredriksson) wrote:
>> "Clint" == Clint Chaplin <[EMAIL PROTECTED]> writes:
>
>Clint> Now I need to sync the Win2k kerberos client with the rest
>Clint> of Win2k - obviously it's not automatic. The Win2k clock
>Cli
On Wed, 2 Oct 2002 21:58:00 + (UTC), [EMAIL PROTECTED]
("Clint Chaplin") wrote:
>Read that log again carefully. It's saying that the >client< time is 1989, not the
>server time...
>
Windows is the client. The server is a Linux KDC.
Tony
Ke
OK I think I've found a problem. I found out how to enable logging
on the Win2k sid and got:
The function LogonUser received a Kerberos Error Message:
on logon session NODOMAIN.ORG\tmh
Client Time: 13:30:11. 11/2/1989 Z
Server Time: 20:49:3. 10/2/2002 (null)
Error Code: 0x19
On Tue, 01 Oct 2002 05:44:05 +, Turbo Fredriksson wrote:
>>>>>> "Tony" == Tony Hoyle <[EMAIL PROTECTED]> writes:
>
> Tony> Win2k still doesn't connect directly at all:
>
> Did you recreate the 'host/data.nodomain.org' p
On Sat, 28 Sep 2002 12:45:53 +0100, Tony Hoyle wrote:
> I've tried that... no help. I'm beginning to suspect the KDC is stuffed
> anyway... The Win MIT Kerberos client can't authenticate to it either,
> so there's something badly wrong somewhere (apart from it be
I've got a problem trying to auth with an MIT KDC on Linux from a windows
MIT Kerberos client (1.2.2, although I could probably upgrade to 1.2.4 if
required). The error I'm getting appears to imply clock
skew, but the machines are synchronised with each other using NTP, and are
on the same timezo
On Sat, 28 Sep 2002 06:43:24 +, Turbo Fredriksson wrote:
> Deleting it again, and creating it again, this time with the
> command line:
>
> [snip]
>
> This will allow me to login without rebooting the win host.
> Now, it's important that 'SECRET' is used with the win
> command (th
On Fri, 27 Sep 2002 13:47:47 +, Turbo Fredriksson wrote:
>> "Turbo" == Turbo Fredriksson <[EMAIL PROTECTED]> writes:
>
> Turbo> Tried again, this time with all the principals having
> Turbo> +require_preauth. Still work. Now I'm happy!
>
> This was even a requirenment! My girlf
18 matches
Mail list logo