We have a working setup with MIT Kerberos (as provided by DECathena), MIT aklog (as provided by MIT). aklog happily obtains a ticket for afs@REALM, and tokenises it. DECathena now provides its own aklog, which attempts to obtain a ticket for afs.realm@REALM, much like the normal Kerberos tgt (krbtgt.REALM.REALM). It fails, there being no such principal. Who's right, MIT or DEC? Using the realm as instance leads the way to cross-realm authentication (which is a Good Thing), but the existing setup works, and I'm loath to fiddle with such an important aspect of a working system. Will AFS (3.2) trust both instances? Peter Lister [EMAIL PROTECTED] Computer Centre, Cranfield Institute of Technology, Voice: +44 234 754200 ext 2828 Cranfield, Bedfordshire MK43 0AL England Fax: +44 234 750875
which ticket (does/should) aklog use?
Peter Lister, Cranfield Computer Centre Mon, 5 Jul 93 07:37:39 -0400
- Re: which ticket (does/should) akl... Peter Lister, Cranfield Computer Centre
- Re: which ticket (does/should... Roland Schemers
- Re: which ticket (does/should... Marc Horowitz
- Re: which ticket (does/should... Peter Lister, Cranfield Computer Centre
