At 02:31 PM 7/31/2005, Nikola Milutinovic wrote:
How about IMAP kerberized client in general? I'm using Cyrus IMAP 2.2.10 on Tru64 UNIX and it lives in a MS ADS envirnoment. Will both MS Outlook Express and MS Outlook 2003/XP work as GSSAPI clients? I thought I heard that Mulberry from Cyrusoft was also Kerberized. Of course, it is not free.
Sure, you can find several Kerberized IMAP servers and clients. And you can use Microsoft's Active Directory for your Kerberos KDC, no problem. You just can't use Outlook, or Microsoft Exchange IMAP with anyone elses KDC. Microsoft has made sure that in setting up a Kerberized network environment you should always use "their" server products as your KDCs. Use anything else and you will not be forgiven. You want to use MIT KDC, or Hesiod, forget it. You will expend to much time and effort on something that will eventually not work anyway. The funny thing is, if you are going to store passwords on your Microsoft AD server acting as a KDC, then what is the point of having a KDC in the first place...in terms of Microsoft authentication? This is why I say that Microsoft uses Kerberos just to appease the 'nix natives. It certainly has little use in their own products.
Rodney
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
