Re: one time password integration

Yes, a data gets a service ticket. > On Jul 31, 2024, at 4:55 PM, Ken Hornstein wrote: > >  >> >> One surprise in doing all of this is that there seems to be no standard >> utility to let us see the auth indicator for the user's credentials. I'm >> probably doing to use one of the test program

Re: one time password integration

>One surprise in doing all of this is that there seems to be no standard >utility to let us see the auth indicator for the user's credentials. I'm >probably doing to use one of the test programs (adata). It seems to be >complicated by having the auth indicator in the encrypted part of the >ticket.

Re: one time password integration

x27;t have to give most users a separate password. From: Ken Hornstein Sent: Wednesday, July 31, 2024 3:44 PM To: Charles Hedrick Cc: kerberos@mit.edu Subject: Re: one time password integration >We're looking at one time password integration (DUO). A while ago >changes were made to all

Re: one time password integration

>We're looking at one time password integration (DUO). A while ago >changes were made to allow a longer timeout, since users may take a >while to respond to DUO requests. Since this isn't in a release yet, and >it takes years for new versions to show up on all of our systems,

Re: one time password integration

On 7/31/24 14:22, Charles Hedrick via Kerberos wrote: The comments suggest that with TCP if there isn't an answer within 10 sec, it then tries all servers. This comment is outdated; I missed it when making the behavior changes. Starting in release 1.22, once a KDC accepts a connection, the cl

one time password integration

We're looking at one time password integration (DUO). A while ago changes were made to allow a longer timeout, since users may take a while to respond to DUO requests. Since this isn't in a release yet, and it takes years for new versions to show up on all of our systems, we can