>> Hi,
>>
>>
>> Using Mit Kerberos how can I support SSO?
>You can obtain your tickets during the windows logon process from your
>domain controller and then access them from KFW aware applications by
>setting the default ccache to MSLSA: or by permitting Network Identity
>Manager to synchronize the MSLSA: cache contents with an API: cache.
>>
>> Is it possible to update Microsoft cache? How can I make other kerberised
>> application to use cache file which is generated by my application.
>On Vista the MSLSA: cache is read-write provided you do not use the
>binaries provided by MIT.
>KFW 3.2.2 was built incorrectly and the MIT distribution treats the
>Vista MSLSA: cache as read-only.
I want to update/add my credentials to Microsoft (windows XP & VISTA
&win2k prof) cache. So Other then Vista I can't Update credentials to
"MSLSA:"
How we can support SSO with Kerberos TGT. how all other products is
able to do this.
They are maintaining their own clients for supporting SSO?
Here my problem is all client should use my cache data which is
generated by my application those should not use Microsoft login
cache (MSLAS :).
Or else
If it is possible I should able to update MSLSA: cache.
Is there any other way to support SSO?
>> I mean when I got credentials (TGT) from KDC, I will store to cache file.
>> I will set it as default cache.
>Ok. Then all KFW aware applications that do not specify a ccache will
>use those credentials.
****************************************************************************
***********
This e-mail and attachments contain confidential information from HUAWEI,
which is intended only for the person or entity whose address is listed
above. Any use of the information contained herein in any way (including,
but not limited to, total or partial disclosure, reproduction, or
dissemination) by persons other than the intended recipient's) is
prohibited. If you receive this e-mail in error, please notify the sender by
phone or email immediately and delete it!
Message: 6
Date: Fri, 25 Jan 2008 18:52:32 -0500
From: Jeffrey Altman <[EMAIL PROTECTED]>
Subject: Re: support SSO in Windows with Keberos TGT
To: [EMAIL PROTECTED]
Cc: kerberos@mit.edu
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
Eswar S wrote:
> Hi,
>
>
> Using Mit Kerberos how can I support SSO?
You can obtain your tickets during the windows logon process from your
domain controller and then access them from KFW aware applications by
setting the default ccache to MSLSA: or by permitting Network Identity
Manager to synchronize the MSLSA: cache contents with an API: cache.
>
> Is it possible to update Microsoft cache? How can I make other kerberised
> application to use cache file which is generated by my application.
On Vista the MSLSA: cache is read-write provided you do not use the
binaries provided by MIT.
KFW 3.2.2 was built incorrectly and the MIT distribution treats the
Vista MSLSA: cache as read-only.
>
> I mean when I got credentials (TGT) from KDC, I will store to cache file.
I
> will set it as default cache.
Ok. Then all KFW aware applications that do not specify a ccache will
use those credentials.
>
> My doubt is how all are supporting SSO using Kerberos tokens.
>
> How can I update Microsoft cache? Is it possible?
>
> Please help me in this regard. I will be waiting for your reply.
>
> Thanks and Regards,
> Eswar S
>
>
****************************************************************************
> ***********
> This e-mail and attachments contain confidential information from HUAWEI,
> which is intended only for the person or entity whose address is listed
> above. Any use of the information contained herein in any way (including,
> but not limited to, total or partial disclosure, reproduction, or
> dissemination) by persons other than the intended recipient's) is
> prohibited. If you receive this e-mail in error, please notify the sender
by
> phone or email immediately and delete it!
>
>
>
>
>
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url :
http://mailman.mit.edu/pipermail/kerberos/attachments/20080125/c2c10e18/smim
e-0001.bin
------------------------------
Message: 7
Date: Fri, 25 Jan 2008 21:09:20 -0500
From: "Matt Smith" <[EMAIL PROTECTED]>
Subject: Re: [lib]kadm on Windows?
To: "Russ Allbery" <[EMAIL PROTECTED]>
Cc: kerberos@mit.edu
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset=UTF-8
On Jan 25, 2008 6:28 PM, Russ Allbery <[EMAIL PROTECTED]> wrote:
>
> That's the bit that I was referring to where I hadn't had a chance to
> include the patch yet. I'm hoping to get it into the next release,
> although I don't yet have a plan for when that will be.
>
I'll probably start digging into this in about a month. If it will help
any, I'll report back anything I find. Is there a preferred forum for
remctl discussion?
Thank you,
-Matt
--
[EMAIL PROTECTED]
Key ID:D6EEC5B5
------------------------------
_______________________________________________
Kerberos mailing list
Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
End of Kerberos Digest, Vol 61, Issue 35
****************************************
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
