Kurt A Bolko wrote: > Hello, > > I was wondering if anyone had successfully authenticated a kerberos client > on linux/solaris/sgi to a windows ADS server? If so what information did > you require from the ADS configuration to properly configure the linux > client? > > What I'm attempting to do is to authenticate a client through pam to an > ADS server. This is an attempt to create a single login for all users on > our network, thus eliminating our linux ldap server. > > Thanks, >
Im assuming ADS = Active Directory Server... if not, disregard everything below this line :) There should be no problem authenticating Unix users to an AD KDC, just configure your krb5.conf files on the Unix systems to use the correct realm and server and it *should* work. UNLESS, your user's in the Active Directory server are in alot of "groups" in the AD Domain, then you will have problems because AD will try to send responses to your client over TCP, but MIT-based Kerberos clients don't (yet) support TCP responses. This brings up a question I've been wondering - when is MIT going to include TCP support, at least on the client side, so that they can receive and process TCP responses from AD ? -Wyllys ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos
