Thanks Steve for the great investigation! You're right there's an implementation gap here. Please feel free working on this. Look forward to your patch. I thought Yaning would be ready to review and commit it.
Regards, Kai -----Original Message----- From: Steve Moyer [mailto:[email protected]] Sent: Tuesday, November 03, 2015 11:48 PM To: Apache Directory Developers List <[email protected]> Subject: Re: [jira] [Created] (DIRKRB-440) Enhance Kinit to request a service ticket I've been working on what is, in essence, the Kerberos kvno tool (except our Java code verifies that the slaves are synchronized to the master) and have been fighting against a problem that I believes underlies the -S option of KinitTool.java. When you request a TGT, you can add a server name (principal) which should be of type "Service and Instance (2)". Currently, the client's requestTgtWithOptions() method doesn't seem to support either the SERVICE_PRINCIPAL or SERVER_PRINCIPAL options. I'm looking into why. Looking at Wireshark, I think it's just not implemented in the client library code. Regardless of the values passed, the server name remains the (default) krbtgt@<DOMAIN>. I'll submit a patch once I get the client's TGT request working. Steve -- “The mark of the immature man is that he wants to die nobly for a cause, while the mark of the mature man is that he wants to live humbly for one.” - Wilhelm Stekel ----- Original Message ----- From: "Xu Yaning (JIRA)" <[email protected]> To: [email protected] Sent: Tuesday, November 3, 2015 7:28:27 AM Subject: [jira] [Created] (DIRKRB-440) Enhance Kinit to request a service ticket Xu Yaning created DIRKRB-440: -------------------------------- Summary: Enhance Kinit to request a service ticket Key: DIRKRB-440 URL: https://issues.apache.org/jira/browse/DIRKRB-440 Project: Directory Kerberos Issue Type: New Feature Reporter: Xu Yaning In the USAGE of {{KinitTool.java}}, it supports parameter "-S service_name" to enable the user to request a service ticket. It just need to be implemented. -- This message was sent by Atlassian JIRA (v6.3.4#6332)
