Mac OS X's kinit does not support the -4 option because it is incompatible with the way the Kerberos Login Library manipulates tickets. In particular, the KLL defines the concept of a valid ticket cache as one which contains valid TGTs for all versions of Kerberos defined by the machine's Kerberos configuration (aka edu.mit.Kerberos). If we gave users the option of getting only v4 tickets for a realm which supports both v4 and v5, other applications would display this ticket cache as invalid and confuse the user.

If you need to solve this problem for a specific user, try creating a special edu.mit.Kerberos file which has "dns_fallback = no" set in [libdefaults] and only a v4 configuration (i.e., [v4 realms] and [v4 domain_realm] only). Then set the KRB5_CONFIG environment variable to point to that file and run kinit. I haven't tried this with all versions of Kerberos for OS X, but it should work.

Note however that you may get the confusing behavior I described above if you attempt to use other applications (such as Kerberos.app) to examine the tickets.


On Nov 26, 2004, at 3:42 PM, Sam Hartman wrote:



"Henry" == Henry B Hotz <[EMAIL PROTECTED]> writes:


Henry> Looks like Heimdal, not MIT. What do you get with "kinit
Henry> --version"? (Heimdal will print a version message. MIT
Henry> will ignore the option and just try to authenticate you
Henry> anyway.)

No, MIT's kinit supports the -4 option for our Unix builds.  Note that
the kinit for OS X does not share code with the kinit on typical Unix
builds.

If the OS X kinit is missing features you care about, open a feature
request with bugreport.apple.com.


--Sam

________________________________________________
Kerberos mailing list           [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos



