On 16/10/2013 4:36 p.m., Eliezer Croitoru wrote:
On 10/15/2013 02:12 PM, Marko Cupać wrote:
Thank you for your will to help me. It was my mistake, as I recompiled
the port in order to get LDAP authentication helpers which I had
previously turned off. This of course reinstalled rc script which
overwrote line crucial for kerberos to work (export KRB5_KTNAME).
I even wrote about this on freebsd-ports list, anticipating problems:
http://lists.freebsd.org/pipermail/freebsd-ports/2013-October/086799.html
After re-adding the line I am authenticated again.
Now I need to figure out other aspects how to simulate other aspects of
dansguardian/NTLM (such as more informative error pages) but that will
be another thread perhaps.
Hey,
I am a bit curios about something.
why NTLM now?
I am asking since I am not sure since when Kerberos is like the basic
auth service for MS and many other IT infrastructures..
Since 2006 officially.
Which kind of answers your question. We are still inside the 5-10 year
period where Kerberos is being picked up by Enterprise admin but not yet
having reached the 10+ year period where the slowest refresh cycles take
place. So Kerberos is not quite universally usable on some networks.
Which for a critical security update is quite disappointing.
Amos
