Hello Phil thanx again for your answer. So I read between the lines that even if there were bugfixes for GSSTSIG in Bind V. 9.7.2 - it dont work. So we have to wait until MS follow the standards? :-)
Forgive me but what is a disjoint domain environment? thanx a lot, cheers, Juergen 2010/12/6 Phil Mayers <p.may...@imperial.ac.uk> > On 12/06/2010 03:18 PM, Jürgen Dietl wrote: > > The Log-File from the DNS-SUSE-Server tells me "wrong principal". Is >> there a way to find out what principal it expects? >> > > You can configure it: > > tkey-domain "YOUR.DOMAIN"; > tkey-gssapi-credential "DNS/hostname.your.domain"; > > (I've never managed to make this work under bind, FWIW. Even when I did get > the kerberos working, the ms-self ACL turns out to be useless in a disjoint > domain environment) > > _______________________________________________ > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users >
_______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
