Hi, I'm currently facing a problem when implementing a kerberos based SSO solution with SAP on Linux and an Active Directory. Usually this works fine for ABAP and JAVA but in the current environment I have a different situation. On the client machine I need the kerberos credentials (TGT) to be stored in the Windows LSA cache. Usually this happens automatically when logging on to a Microsoft Domain. Unfortunately I cannot logon from the workstations to my domain using the windows-logon because I'm using Novell. Besides my Novell eDirectory there is an Active directory domain.
So I tried the following (maybe a stupid idea): After windows has logged on to Novell --> start MIT Kerberos Client and obtain credentials from the Domain controller. After that I get the following tickets in my local cache: C:\Programme\MIT\Kerberos\bin>klist Ticket cache: API:[email protected] Default principal: [email protected] Valid starting Expires Service principal 11/02/09 16:22:50 11/03/09 02:22:50 krbtgt/[email protected] renew until 11/09/09 16:21:35 Now I have tried to to copy these credential to windows LSA cache using mit2ms: C:\Programme\MIT\Kerberos\bin>mit2ms.exe mit2ms.exe: No credentials cache found while opening MS LSA ccache Unfortunately kerbtray does not show me any ticket in the LSY cache. Which parameters do I need for the mit2ms executable or is my idea not working at all? How can I transfer the tickets from the MIT Client cache to the LSA cache of Windows? Thanks in advance Christoph ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
