>We're not running OpenAFS. Still Transarc AFS.
Heh, sucks to be you :-)
>I hadn't heard that there's a pure krb5 solution for AFS, though ...
>even with OpenAFS.
Well, I wouldn't call it "pure". It's restricted to single-DES, and it's
only "sorta" V5, but it's enough to fix the V4 cross-real
On Tuesday, Jul 22, 2003, at 07:52 US/Pacific, Ken Hornstein wrote:
an easier solution would be to setup a windows realm for Win2k KDC
and a cross re
alm trust with a linux box in a different realm.
We were doing this (with Solaris, not Linux), but when the bug and fix
for the cross-realm sec
, July 22, 2003 9:52 AM
To: John Rudd
Cc: [EMAIL PROTECTED]
Subject: Re: Windows 2000 Server as KDC
>> an easier solution would be to setup a windows realm for Win2k KDC and a cross re
>alm trust with a linux box in a different realm.
>>
>
>We were doing this (with Solaris, not
>> an easier solution would be to setup a windows realm for Win2k KDC and a cross re
>alm trust with a linux box in a different realm.
>>
>
>We were doing this (with Solaris, not Linux), but when the bug and fix
>for the cross-realm security hole came out a few months ago, that caused
>it all to b
Mel Riser wrote:
>
>
> the Win2k KDC has to be the primary,
That's annoying.
> but Linux boxes or other OS's running kerberos can be backups. Replication is the
> problem though.
Any pointers on how to make that work?
>
> an easier solution would be to setup a windows realm for Win2k KDC
Microsoft based its Kerberos implementation on the open standard that RFC 1510 defines
(i.e., Kerberos V5), which means that Kerberos can provide authentication
interoperability between Win2K and other OSs that support an RFC 1510-based Kerberos
implementation.
Kerberos authentication interoper
separate Linux KDC for Unix authentication, and setup cross realm trusts.
mel
-Original Message-
From: Karl Pitrich [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 16, 2003 12:45 PM
To: [EMAIL PROTECTED]
Subject: Re: Windows 2000 Server as KDC
On Wed, 2003-07-16 at 01:18, Wayne Rasmussen
and a cross realm
trust with a linux box in a different realm.
mel
-Original Message-
From: Wayne Rasmussen [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 16, 2003 12:12 PM
To: [EMAIL PROTECTED]
Subject: Re: Windows 2000 Server as KDC
So the admin client app is not applicable to
On Wed, 2003-07-16 at 01:18, Wayne Rasmussen wrote:
> A few questions:
>
> 1) Does Windows 2000 server have a kerberos administrator server
> installed? Doesn't appear to have one as posts 749/750 are not open.
> Is there supposed to be one and at what port.
in [realms]
set both kdc and admin_s
So the admin client app is not applicable to this situation then is that correct?
thanks,
wayne
[EMAIL PROTECTED] wrote:
> Windows 2000 Server is by "Default" a Primary KDC as Windows uses it natively.
> Kerberos doesn't use 749/750 it uses port 88.
> There is a Kerberos admin cli application
John Rudd wrote:
> Wayne Rasmussen wrote:
> >
> > A few questions:
> >
> > 1) Does Windows 2000 server have a kerberos administrator server
> > installed? Doesn't appear to have one as posts 749/750 are not open.
> > Is there supposed to be one and at what port.
> >
> > 2) Is there a way on t
[EMAIL PROTECTED] wrote:
>
> Windows 2000 Server is by "Default" a Primary KDC as Windows uses it natively.
> Kerberos doesn't use 749/750 it uses port 88. There is a Kerberos admin cli
> application supplied on the Win2K server CD somewhere...can't remember specifics
> though.
Its:
"Intero
Windows 2000 Server is by "Default" a Primary KDC as Windows uses it natively.
Kerberos doesn't use 749/750 it uses port 88. There is a Kerberos admin cli
application supplied on the Win2K server CD somewhere...can't remember specifics
though.
Shane Stakem
> --
> From: Wayne
Wayne Rasmussen wrote:
>
> A few questions:
>
> 1) Does Windows 2000 server have a kerberos administrator server
> installed? Doesn't appear to have one as posts 749/750 are not open.
> Is there supposed to be one and at what port.
>
> 2) Is there a way on the Windows 2000 Server to test the
14 matches
Mail list logo
