to de Santana - São Paulo - SP
> Telefones: (11) 6978-5253 / (11) 6978-5262
> Fax: (11) 6971-3115
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert
PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
ED]
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
> >
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTE
Kent
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(6
> Dante M Burruss
> Department of State
> 703-875-4077
> Unclassified
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED
ECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
to what strig-to-key is being used.
>
> please tell me how to do.
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argo
Phone: 970-491-0630
> Engineering Network ServicesFax: 970-491-5569
> College of Engineering, CSU
> Ft. Collins, CO 80523-1301
>
> All I want is a chance to prove 'Money can't buy happiness'"
>
>
> Ker
ADME.GSSKLOG
ftp://achilles.ctd.anl.gov/pub/DEE/gssklog-0.8.tar
>
> TIA for your answers.
>
> Regards,
>
> Jerome Walter
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/lis
hanks.
Its a feature not a problem.
>
> Grace
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Labo
t/[EMAIL PROTECTED]
>
> ...Now someone (Ken Hornstein) suggested that I turn on logging for
> ftpd to log to the syslog. This was supposed to give me more
> information about the error. I now have ftpd logging to syslog but no
> new info; the same error is showing up in the syslog now.
> __
real ream name, one
can not determine if your problem is caused by your changing the
names or something else.
>
> thanks again all...
>
> [EMAIL PROTECTED] ("Douglas E. Engert") wrote in message news:<[EMAIL PROTECTED]>...
> > One other thing to watch is the
name. This did not work
> when I recently tried on a 2003 Server.
>
> Dirk.
>
> --
> Dr. Dirk Pape (Leiter des Rechnerbetriebs)
> FB Mathematik und Informatik der FU-Berlin
> Takustr. 9, 14195 Berlin
> Tel. +49 (30) 838 75143, Fax. +49 (30) 838 75190
> _________
s necessary to
> prove so, but not enough. About the server requirement for a key, my
> suggestion is for reading some documentation on how kerberos works,
> i.e., do the home work.
>
> best regards.
> ____________
> Kerberos mailing
___
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
___
> Do you Yahoo!?
> Protect your identity with Yahoo! Mail AddressGuard
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PR
gt;
> I am quite new to Kerberos and truly appreciate any help you might be
> able to give
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EM
t; Regards
> Vikas
> ____________
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne
QDMS.CO.IN= {
> kdc = beetle.qdms.co.in:88
> admin_server = beetle.qdms.co.in
> default_realm = QDMS.CO.IN
> }
> [capaths]
> QUARK.CO.IN = {
> QDMS.CO.IN = .
> }
> QDMS.CO.IN = {
>
SDK) samples
> successfully using SEAM KDC and ADSI kdc. Also I am able to ru the
> GSSAPI samples with SEAM successfully.
>
> Regards
> Vikas
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
_______
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
> Without -m it doesn't get as far as trying to contact kca.
>
> Bob
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
[EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list
.
We have not found the AD command to look at what kvno is in the AD.
Anyone know the command?
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerbe
that is from the client side.
Jeffrey Hutzelman wrote:
>
> On Wednesday, January 14, 2004 16:22:09 -0600 "Douglas E. Engert"
> <[EMAIL PROTECTED]> wrote:
>
> >
> > We recently upgraded one of our Windows AD servers to 2003. We have a
> > number of ser
ould need the capaths.
>
> [capaths]
> NOT.WIN.AD = {
> WIN.AD = .
> }
> WIN.AD = {
> WIN.AD = .
> }
>
> thanks,
> ...Mike
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> ht
d encourage the builders of OpenSSH to always have this enabled.
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [E
Jeffrey Altman wrote:
>
> Douglas E. Engert wrote:
>
> >In its simplest form, all that is needed is:
> >
> > system("/usr/ssh/libexec/aklog -setpag")
> >
> >
> You would probably want this to be a configurable option in the sshd
> configu
light of day before this release.
>
> - Ben
>
> On Mon, 26 Jan 2004, Douglas E. Engert wrote:
>
> >
> >
> > Jeffrey Altman wrote:
> > >
> > > Douglas E. Engert wrote:
> > >
> > > >In its simplest form, all that is
the password only one time, and then navigate with ssh between enabled
> machines without password - all this while preserving K5 creds and
> automatically obtaining AFS tokens.
>
> Andrei.
>
> On Mon, 26 Jan 2004, Douglas E. Engert wrote:
>
> > Rather then implementing
Kerberos has tried to tie
> in to them rather than import the PAG concept.
Any authenticated file system will have the same problem, be it
AFS, DFS, NFSv4... These was some discussion of PAGs on one of the
Linux mailing lists. The question came of what are the credentials
for accessing the local
Does your ssh_config file have:
GSSAPIDelegateCredentials yes
or you need to specify on the command line. -o
Andrei Maslennikov wrote:
>
> Hi Douglas, and thanks for your comment.
>
> On Mon, 26 Jan 2004, Douglas E. Engert wrote:
>
> >
> > 1) ssh to host A,
ros or LDAP for authentication in a large heterogeneous
> environment?
>
> Any info is, of course, greatly appreciated.
>
> - C
>
> --
> Email: [EMAIL PROTECTED]
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://m
formatik der FU-Berlin
> Takustr. 9, 14195 Berlin
> Tel. +49 (30) 838 75143, Fax. +49 (30) 838 75190
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PR
"Dr. Greg Wettstein" wrote:
>
> On Jan 29, 8:45am, "Douglas E. Engert" wrote:
> } Subject: Re: Kerberos vs. LDAP for authentication -- any opinions?
>
> > Many of the Browser issues can be addressed by Kx509 from the
> > Univrsity of Michigan.
_PATH_AFS_EXTERNAL_PROGRAM=\"$(AFS_EXTERNAL_PROGRAM)\" \
-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
-D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
"Douglas E. Engert" wrote:
>
> Rather
snow.
>
> I hope the following attributions are correct. Additional comments
> below.
>
> > > On Jan 29, 8:45am, "Douglas E. Engert" wrote:
> > > } Subject: Re: Kerberos vs. LDAP for authentication -- any opinions?
> > >
> > >> Many o
___
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_
uld be a way to do this. (I have one that
works with krb5-1.3.2, and follows the GGF draft.)
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL
e thought needs to be given to
> scalability issues Kerberos faces in large heterogenous environments.
I use cross realm every day. You must be missing something.
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mai
> James Walthall Jr
> IBM - Host Integration Server Test IDD and BETA
> Outside: (919) 254-8869
> Tieline: 444-8869
> Research Triangle Park
> Raleigh, North Carolina
> ____
> Kerberos mailing list [EMAIL PROTECTED]
>
any ideas (or if this is off topic, can someone tell me a
> newsgroup where I an find this out at?)
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <
?
What does ksetup on the workstion show?
> ________
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9
wrong?
> >
> > thank you,
> >
> > Tyson Oswald
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argon
list -f -e
Then try
kinit -S t/[EMAIL PROTECTED]
which will ask for your user and password, then try and get a service ticket
for the host.
Also look at the /etc/krb5.conf file. (I think SEAM uses the same locaiton.)
>
> thanks,
>
> Tyson Oswald
>
> "Douglas E.
; Aborted.
>
> If someone is help me out here as to why I am getting these error messages I
> would appreciate it.
>
> Thanks,
>
> Puneet
>
>
> --
> Puneet Talwar
> Unix Administrator
>
> __
x27;0x2'
> Stop.
> NMAKE : fatal error U1077: '"C:\Program Files\Microsoft Visual
> Studio\VC98\Bin\NMAKE.EXE"' : return code '0x2'
> Stop.
> NMAKE : fatal error U1077: '"C:\Program Files\Microsoft Visual
> Studio\VC98\Bin\NMAKE.EXE"' : return code '0x2'
> Stop.
>
> -
>
> i looked at the source code, but i'm not very familiar with c! thx
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
ke care of that?
>
> Thanks for any help.
>
> Scott
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne Nat
Scott Ehrlich wrote:
>
> On Wed, 25 Feb 2004, Douglas E. Engert wrote:
>
> > Date: Wed, 25 Feb 2004 09:56:53 -0600
> > From: Douglas E. Engert <[EMAIL PROTECTED]>
> > To: Scott Ehrlich <[EMAIL PROTECTED]>
> > Cc: [EMAIL PROTECTED]
> > Subject
Sam Hartman wrote:
>
> >>>>> "Douglas" == Douglas E Engert <[EMAIL PROTECTED]> writes:
>
> Douglas> OpenSSH-3.8 released yesterday contains the gssapi
> Douglas> patch. It also contains changes to use the krb5-config,
> Douglas
Sam Hartman wrote:
>
> >>>>> "Douglas" == Douglas E Engert <[EMAIL PROTECTED]> writes:
>
> Douglas> That may be true. But just getting the OpenSSH people to
> Douglas> add the the gssapi authenticaiton to OpenSSH-3.8 was a
> Do
warning 527: Integral value
> implicitly converted to pointer in assignment.
> cc: "../../../include/foreachaddr.c", line 555: warning 563: Argument #3 is
> not the correct type.
> cc: "../../../include/foreachaddr.c", line 550: error 1563: Expression in if
> mu
Do you have IPv6 on any HP_UX11i? If so you might be able to
test a real fix for this problem.
Peter Losher wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wednesday 03 March 2004 03:58 pm, Douglas E. Engert wrote:
> > I saw this last week and sent in a
Peter Losher wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Wednesday 03 March 2004 03:58 pm, Douglas E. Engert wrote:
> > I saw this last week and sent in a patch to at least get it to run
> > on 11i.
>
> Thanks, got further along, worked a
the keys for the others in
> > ms419> another. Any problems with these premises?
> >
> > Yes. Current Kerberos implementations assume a host belongs to one
> > realm. You'll find it difficult to actually do this.
> >
> > Also, users will end up having mu
it commands to reset the user's password.
If you are intetrested I can send them.
>
> Thanks for advance.
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
-
ssing the mark here, what should I do to make it work?
>
You can override the default location by setting the KRB5_CONFIG
in the environment to point at the krb5.conf.
> --
> Thanks,
> Ish-Lev Avshalom
>
> ____________
> Kerbero
to believe that we are the only shop which is configured in this
> manner.
>
> If anyone has any insight on how to solve this problem/error and would be willing to
> share their resolution we would appreciate hearing from you.
>
> Thank you,
> -Butch
>
>
> ___
Missouri - Rolla Phone: (573) 341-6679
> UMR Information Technology Fax: (573) 341-4216
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E.
t; Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
technic Institute
> phone: 518 276-6415 fax: 518 276-2809
>
> http://www.rpi.edu/~bacchi/
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <
this be done using gss-api
> > calls or kerberos calls?
> >
> > any insights are much appreciated. thanks!
> > have a nice weekend guys!
> >
> > melissa
> ____________
> Kerberos mailing list [EMAIL PROTECTED]
> https
_
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_
comment, the Sun pam_krb5 when passed the debug option writes
the password to syslog! This is not a good praticis even when testing.
>
> --
> Will Fiveash
> Sun Microsystems Inc.
> Austin, TX, USA (TZ=CST6CDT)
> ____________
> Kerberos
ill support delegated credentials and authorization
> facilities that are on par with kerberized in.telnetd/in.rlogind.
>
> I'm not sure which Solaris 10 beta or Solaris Express release this will
> show up in, but do look for it soon.
>
> I'll update this list as soon as
0: new [client-session]
> | debug1: Entering interactive session.
> `
>
> Any ideas why this is not working?
>
> -Eric
> --
> "Excuse me --- Di Du Du Dh Di Dii --- Huh Weeeh" (Albert King
ould I add pam_ldap? I modified the nsswitch.conf. what else does it
> > want from m? hehehe :D
> >
> > well, any insight is much appreciated. thanks!
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit
Encoding: 7bit
> Description: This is a digitally signed message part
>
>
> ---
>
> Kerberos mailing list
1.3.x for better interoperability with Windows.
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700
__
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
__
; Thanks
>
> Bart
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass
type. They both have the same key, and
kvno but different enctypes.
(Microsoft should have had two flags.)
>
> thanks
>
> Dominik
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/ma
Jeffrey Altman wrote:
> Douglas E. Engert wrote:
> >
> > "D. Schikora" wrote:
> >
> >>Hallo
> >>
> >>Is there anywhere one guide for Kerberos and Windows 2003 Server. I can only
> >>find the old one for W2K and I hope there ar
Jeffrey Altman wrote:
> Douglas E. Engert wrote:
> > The AD should know what types are acceptable to the SERVER and select one
> > of these which is in the list provided by the client, or ignore the client or fail.
>
> This is correct.
>
> > I have seen cases wh
[EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
rypted in the key of the server that is in the keytab file. The server must
decrypt parts of the ticket to verify thet user, and to get the session key to be used
later.
>
>
> Thanks,
> Claude
>
>
> Kerberos mailing list [E
> Computer Systems Mgr/WebCT Admin
> Texas A&M University at Galveston
> 200 Seawolf Parkway
> Galveston, Texas 77553
> (409) 740-4961
> Fax (409) 740-4450
>
> ____
> Kerberos mailing list [EMAIL PROTECTED]
> https
t my problem, I was responding to the e-mail of others. The problem
was with kinit not finding the KDC which should have nothing to do with PAM.
>
> Hth,
>
> Pierre Goyette
> Hummingbird Ltd.
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL P
service ticket from that realm.
>
> It would be great if anyone can give me a hint what to do next.
>
> Thanks Schikora
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
please give me a step-by-step guidelines on setting up my
> Server and Client boxes?
>
> Thanks
> Gururaj,
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E
service in his Kerberos database. Question is why not and how he chooses
> which service is in which realm. DNS Lookup?
I believe the AD uses the Forest's Global catalog, or some other forest
to forest protocol. But not that this is MS only. It is not clear if the AD
has a way to refer you to
AM for Solaris 8, and still had the
> >> same problem.
> >>
> >> Regards,
> >>
> >> Eliot
> >>
> >> ==========
> >> Eliot Lebsack (781) 271-5830
> >> Lead
have to point at this, or set the KRB5CCNAME to
point at it.
.
>
>
> --David
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECT
ft.com/windows2000/techinfo/planning/security/kerbsteps.asp
>
>
> Thanks to help me
>
>
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Ca
list [EMAIL PROTECTED]
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
t
> - Guy de
> Maupassant -
>
> __
> Do You Yahoo!?
> Tired of spam? Yahoo! M
client machine. Do I need to start that service for any reasons
No, the KDC is only run on the domain controllers.
>
> Thanks in adv.
Most Windows domain users never heard of Kerberos, and don't need to
know it is even there.
>
> Regards,
> Gururaj
>
> [EMAIL PR
is frustrating because I had the system working correctly
> prior to upgrading the KDC to a windows 2003 machine. I need some
> suggestions on where to look next.
> ____
> Kerberos mailing list [EMAIL PROTECTED]
> https://mailma
Lara Adianto wrote:
>
> --- "Douglas E. Engert" <[EMAIL PROTECTED]> wrote:
>
> >
> >
> > Lara Adianto wrote:
> > >
> > > Hi,
> > >
> > > I have a strange problem with cross-realm
> > authentication.
> >
assword anymore to
> access test_w2kserver).
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
ECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Kerberos mailing list [EMAIL PROTE
er.conf /krb5/sbin/ftpd -l -a
I would appreciate every hint.
The other approach for our problem would be to find or implement an RPC
on the windows server running AD, which like kadmin/kadmind enables
admins to create SPNs remotely and transfer keytab securely to the
service host.
last question:
it is.
Some idea???
Tnks!
[]s!
Rodolfo
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Av
incompatible.
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(63
versions that do not
support TCP to the KDC.
"An update is available that introduces the NO_AUTH_REQUIRED flag to
the UserAccountControl property in Windows 2000"
http://support.microsoft.com/?kbid=832572
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
It is only activated for an account when the
NO_AUTH_DATA_REQUIRED flag is set.
The widespread deployment of KDCs under the guise of Active Directory
provides a great opportunity for kerberos. Hopefully we can soon put PAC
problems behind us and realise our SSO dreams.
Bob
--
Douglas E. Engert <[EMAIL PROTECTED
end using both, but I believe sequence is typically a
superset.
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit
oken. The above patch to 3.9 should allow the
pam_openafs_session to see the KRB5CCNAME, or is a start so the
pam_openafs_session can be convertd to a pam_sm_setcred to
use the KRB5CCNAME in all cases.
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South
Sensei wrote:
Douglas E. Engert wrote:
See http://bugzilla.mindrot.org/show_bug.cgi?id=918
Ok, but it doesn't work. Not with the patch, not with gssapi, not with
pam, not with anything.
Yes use it all the time with gssapi.
So how it comes you have it working? What are your settings?
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 25
1 - 100 of 720 matches
Mail list logo