On 2/19/08, Ken Raeburn <[EMAIL PROTECTED]> wrote:
> The UDP service offered by the KDC needs to respond from the same IP
> address that the client used to reach it. That's not possible with a
> wildcard-address listener unless your system has support for
> IP_PKTINFO or IPV6_PKTINFO, which is now
Hi,
Look this howto about Kerberized Apache:
http://eduardosachs.org/mediawiki/index.php?title=Autentica%C3%A7%C3%A3o_Kerberos_no_Apache2
[]'s
Ido Levy escreveu:
> Hello All,
>
> I am looking for a way to enable users to get access to their space through
> the web browser.
> I would like to inte
Hi,
Look this howto about Kerberized OpenLDAP, Samba PDC and Squid:
http://eduardosachs.org/mediawiki/index.php?title=Heimdal_Kerberos_%2B_Samba_PDC_%2B_OpenLDAP_%2B_Squid_no_Debian_Etch
[]'s
Wes Modes escreveu:
> I am using SASL/GSSAPI to authenticate to Kerberos from OpenLDAP. I
> haven't got
---
Message-ID: wkan - JVDV - 2034
---
Hallo!
Habe mich über deine Antwort auf meine Kontaktanzeige sehr gefreut.
Wie schon in meinem Anzeigentext geschrieben, erwarte ich nur ein kleines
Taschengeld bei einem heissen Sexdate.
Wenn Du tatsächlich noch Interesse an einem geiles Sexdate mit mir
On Feb 20, 2008, at 04:28, Vipin Rathor wrote:
> On 2/19/08, Ken Raeburn <[EMAIL PROTECTED]> wrote:
>> The UDP service offered by the KDC needs to respond from the same IP
>> address that the client used to reach it. That's not possible with a
>> wildcard-address listener unless your system has su
Wes Modes wrote:
> Reason for this is that eventually, our campus kerberos
> service will be replaced with a secure LDAP auth.
OH! Are you sure this is a good idea? (This is the Kerberos list)
Are you looking at Samba or AD as the LDAP server? If so they both
have Kerberos (Samba 4 does at least)
"Douglas E. Engert" <[EMAIL PROTECTED]> writes:
> As Jeff pointed out, not with GSSAPI. What you might be looking for
> is slapd code to take a username and password and do in effect a kinit
> and a verify tgt, or have a sasl plugin do it for your. I don't know
> of one.
There is an ugly hack: ha
Hi Kevin,
Thank you for the help !!
My comments are integrated below
Ido Levy
"Kevin S. Sumner" <[EMAIL PROTECTED]> wrote on 19/02/2008 17:07:02:
> Hi Ido,
>
> The modauthkerb website says you need an extention for "Mozilla" (I'm
> assuming the Mozilla Suite and Firefox) to do ticket-passing
>
Thanks !!
Eduardo Sachs <[EMAIL PROTECTED]> wrote on 20/02/2008 09:30:59:
> Hi,
>
> Look this howto about Kerberized Apache:
> http://eduardosachs.org/mediawiki/index.php?title=Autentica%C3%A7%
> C3%A3o_Kerberos_no_Apache2
>
> []'s
>
> Ido Levy escreveu:
> > Hello All,
> >
> > I am looking for a
Hello Sebastian,
Thank you for your help.
My comments are integrated below.
Ido Levy
[EMAIL PROTECTED] wrote on 19/02/2008 18:16:49:
> Ido Levy <[EMAIL PROTECTED]> writes:
>
> > I am looking for a way to enable users to get access to their space
through
> > the web browser.
> > I would like to
[EMAIL PROTECTED] wrote on 20/02/2008 03:38:09:
> >
> > Hello All,
> >
> > I am looking for a way to enable users to get access to their space
through
> > the web browser.
> > I would like to integrate it with our Kerberized SSO environment as
well.
> > I tried this module http://modauthkerb.sourc
Ido Levy <[EMAIL PROTECTED]> writes:
> Following your advice I tried to compile the module on RHEL 5 64 bit
> architecture.
> Unfortunately I got the following:
>
> /usr/sbin/apxs -c -i -l gss ./mod_auth_gss.c
> /usr/lib64/apr-1/build/libtool --silent --mode=compile gcc -prefer-pic -O2
> -g -pipe
An interesting question came up on one of the OpenLDAP lists.
Provided that a GSSAPI authentication is done entirely within a single
thread, is it safe to do subsequent reads and writes to that connection
through the GSSAPI layer in different threads? Or does that violate the
underlying requireme
On Feb 20, 2008, at 13:57, Russ Allbery wrote:
> An interesting question came up on one of the OpenLDAP lists.
It was brought up on one of the Kerberos lists not too long ago, too.
> Provided that a GSSAPI authentication is done entirely within a single
> thread, is it safe to do subsequent reads
I built kerberos 1.6.3 against another version of
openldap, and the segfault persists. I've built and
installed on rhel5, and still get the segfault. Any
other ideas for collecting debug info?
Looking for
Ken Raeburn wrote:
We currently assume that a security context is used in only one
thread at a time, so you could switch between threads, just not use
it simultaneously in multiple threads. But the person looking into
it earlier concluded that there may not be anything besides the
sequenc
Greetings,
As part of a campus working group currently evaluating Kerberos product
options, I have been tasked with researching the following two
requirements for MIT Kerberos:
(1) Must house more than 200,000 accounts.
(2) Must issue more than 3 tickets per second.
Both would seem to be stric
Tim Metz <[EMAIL PROTECTED]> writes:
> Greetings,
>
> As part of a campus working group currently evaluating Kerberos product
> options, I have been tasked with researching the following two
> requirements for MIT Kerberos:
>
> (1) Must house more than 200,000 accounts.
> (2) Must issue more than
On Feb 20, 2008, at 15:01, Jeffrey Altman wrote:
> There should be no need for locking on platforms that support an
> atomic increment operation which these days should be just about
> all of the major platforms that we care about.
I've kept that in mind, yes, but so far as I've seen, there do
> "IL" == Ido Levy <[EMAIL PROTECTED]> writes:
IL> [EMAIL PROTECTED] wrote on 20/02/2008 03:38:09:
>> >
>> > Hello All,
>> >
>> > I am looking for a way to enable users to get access to their
>> space
IL> through
>> > the web browser. > I would like to integrat
Russ Allbery <[EMAIL PROTECTED]> writes:
> Tim Metz <[EMAIL PROTECTED]> writes:
> > Greetings,
> > As part of a campus working group currently evaluating Kerberos product
> > options, I have been tasked with researching the following two
> > requirements for MIT Kerberos:
> > (1) Must house more t
Hi,
I need to use Kerberos to authenticate users for squid via samba.
My /etc/hosts is as follows:
127.0.0.1 localhost
localhost.localdomain localhost
127.0.1.1 iqBase iqBase.iqetd.lan
192.168.60.254 iqBase.iqetd.lan
# The following lines
22 matches
Mail list logo
