So one should not expect KDC output when running "gsscred -a"?
[EMAIL PROTECTED] wrote in message
news:<[EMAIL PROTECTED]>...
> The gsscred command makes GSS/Kerberos names out of usernames.
> That's all it does.
>
> So what could there be for the KDC to do for gsscred? Principal
> name validation? A principal name might be valid one moment,
> and later not (e.g., a user might be fired/layed off or quit
> soon after you create a gsscred db entry for her), so that's
> not really useful (principal name "validation" is really done
> during GSS context setup).
>
> Cheers,
>
> Nico
> --
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, July 05, 2002 2:04 PM
> > To: [EMAIL PROTECTED]
> > Subject: How does gsscred work?
> >
> >
> > I have install a KDC on a Solaris machine which will act as the
> > server. My client machine is a HP-UX. I got gss-server (Solaris) and
> > gss-client (Solaris and HP-UX) working without any problems.
> >
> > Then I ported gsscred on HP-UX. The utility executed without any
> > errors and generated gsscred_db for the Kerberos mechanism. However,
> > I don't see any output from KDC log file when gsscred is executed.
> > Shouldn't gsscred be talking to the KDC?
> >
> > How about gssd? Which services/principals are gsscred/gssd utilizing
> > when going over to the KDC?
> > ________________________________________________
> > Kerberos mailing list [EMAIL PROTECTED]
> > http://mailman.mit.edu/mailman/listinfo/kerberos
> >
>
> Visit our website at http://www.ubswarburg.com
>
> This message contains confidential information and is intended only
> for the individual named. If you are not the named addressee you
> should not disseminate, distribute or copy this e-mail. Please
> notify the sender immediately by e-mail if you have received this
> e-mail by mistake and delete this e-mail from your system.
>
> E-mail transmission cannot be guaranteed to be secure or error-free
> as information could be intercepted, corrupted, lost, destroyed,
> arrive late or incomplete, or contain viruses. The sender therefore
> does not accept liability for any errors or omissions in the contents
> of this message which arise as a result of e-mail transmission. If
> verification is required please request a hard-copy version. This
> message is provided for informational purposes and should not be
> construed as a solicitation or offer to buy or sell any securities or
> related financial instruments.
>
> ________________________________________________
> Kerberos mailing list [EMAIL PROTECTED]
> http://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
http://mailman.mit.edu/mailman/listinfo/kerberos
