On 01/20/2015 12:08 AM, Zaid Arafeh wrote: > My questions are > 1- are there structural differences between MS tickets and MIT tickets?
The tickets themselves are in the same format, defined by RFC 4120. But they are stored in different ways. MIT krb5 generally stores tickets in a FILE ccache, whose format is described here: http://www.gnu.org/software/shishi/manual/html_node/The-Credential-Cache-Binary-File-Format.html Windows stores Kerberos tickets in an object called the LSA. Kerberos for Windows can access the LSA using the MSLSA: cache type, but that isn't relevant to your current task. > 2- by putting the ticket in the client's /tmp/ am I properly injecting > it in cache? No, and we don't provide command-line tools to inject a ticket into a cache. You will most likely have to write code to do this. You should be able to use krb5_cc_resolve(), krb5_cc_initialize(), krb5_cc_store_cred(), and krb5_cc_close() to store a ticket into the cache without having to write code specifically for the file ccache format. > 4- is it trivial to create a Kerberos ticket from scratch, given that i > have all principle secrets? There's no rocket science involved, but we don't provide command-line tools or public APIs to do so. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
