On Thursday 19 February 2015, Keutel, Jochen (mlists) wrote: > Does this mean that currently - using a native ActiveState Perl > installation and only ActiveState PPMs - there is no way to get this > working?
This means that you can build your own GSSAPI-module using * a C-Compiler * Kerberos for Windows with header-files (for example MIT Kerberos) and put it in your own ppm Package. > Or can I do this "use SSPI and wrap a Authen::SASL adapter around it" > within my Perl script? This means writing a Perl module, for example "Authen::SASL::WinSSPI" that implements the Authen::SASL interface an makes use of Win32::IntAuth. I think everyone with knowledge in SASL and Kerberos/GSSAPI can do this. If a find some sparetime within the next days I can try to start a "proof of concept"-implementation. > The problem is that I have several Perl scripts that have to run on a > Windows server regularly via Windows Task Scheduler. The guys in the > operating want that the scripts are running under an existing Windows > account. > They don't allow me to put a LDAP password in cleartext into a config file. So using authentication based on GSSAPI.pm is not an option, because you have to find a way to get a TGT when the scheduler runs the script. This means a) feed a keytab to kinit or b) feed a password to kinit. Hmmm..., perhaps the guys in operating don't understand what a keytab is, so this is the hole you can slip through :-) :-) :-) Best Regards, Achim
