"Neulinger, Nathan" wrote: > > Unfortunately, most users who are using k5 on windows are probably using > it with AD, and with AD you're screwed if you use groups, cause your > tickets get enormous. That's why my modified krb524d has to decrypt and > strip off the extra ticket data, then re-encrypt, in order to use > rxkad2b.
Good point. I saw a MS article the other day where they increased the maximum size of ticket from 8000 to 12000 bytes. Someone must have bumped up against this limit! > > For non-AD sites, it might work. > > -- Nathan > > ------------------------------------------------------------ > Nathan Neulinger EMail: [EMAIL PROTECTED] > University of Missouri - Rolla Phone: (573) 341-4841 > Computing Services Fax: (573) 341-4216 > > > -----Original Message----- > > From: Douglas E. Engert [mailto:[EMAIL PROTECTED] > > Sent: Monday, June 16, 2003 3:11 PM > > To: [EMAIL PROTECTED] > > Subject: [OpenAFS-devel] Modifing afscreds.exe on W2K to > > useLSACallAuthenticationPackage > > > > > > > > Has anyone looked at modifing the afscreds.exe to use the > > Microsoft LSACallAuthenticationPackage to get a K5 ticket > > for [EMAIL PROTECTED] It looks like this would be an easy way to > > get a token, now that OpenAFS can take a K5 ticket as a token. > > > > This should easily work when the cellname == realmname. > > > > > > > > > > > > -- > > > > Douglas E. Engert <[EMAIL PROTECTED]> > > Argonne National Laboratory > > 9700 South Cass Avenue > > Argonne, Illinois 60439 > > (630) 252-5444 > > _______________________________________________ > > OpenAFS-devel mailing list > > [EMAIL PROTECTED] > > https://lists.openafs.org/mailman/listinfo/openafs-devel > > -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 _______________________________________________ OpenAFS-devel mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-devel
