On Wed, 2004-02-04 at 10:07, Marneweck, Johan wrote:
Reader,
I am looking for assistance making MIT Kerberos work with SAP R3 enterprise,
Solaris 8, Microsoft W2K. We want to use SSO with SAP. I would really
appreciate it if someone can point me in the correct direction or give me
Microsoft Security Bulletin MS04-007:
ASN.1 Vulnerability Could Allow Code Execution (828028)
Bulletin URL:
http://www.microsoft.com/technet/security/bulletin/MS04-007.asp
Summary:
Version Number: V1.0
Revision Date: 02-10-2004
Impact of Vulnerability: Remote Code Execution
Maximum Severity
Gabe [EMAIL PROTECTED] writes:
In particular, I'm looking for Kerberos libraries for the
PocketPC or PalmOS platforms, but knowing the existence of any vendors would
probably be better than nothing.
I'm not aware of anyone shipping Kerberos for either.
I can't speak to PocketPC at all, but
I have another problem regarding installation of the slave KDC:
by the time I get to this point in documentation:
http://web.mit.edu/kerberos/krb5-1.3/krb5-1.3.1/doc/krb5-install.html#Create%20Host%20Keys%20for%20the%20Slave%20KDCs
I have done nothing at all with my machine that will be used as
Hi,
I have installed Kerberos 5 on a red hat linux 8 machine (it comes
as a package install)... I have followed the directions thus far until the
following section:
http://web.mit.edu/kerberos/krb5-1.3/krb5-1.3.1/doc/krb5-install.html#Create%20Host%20Keys%20for%20the%20Slave%20KDCs
To MIT Kerberos Support,
Hope you can help with this problem I am having. I am running one Domain Controller
with Windows 2003 Server and Exchange 2003 Server. Every 15 minutes in my Event Viewer
I am receiving the error report noted below. The LSASS.exe is running at 99% CPU
usage because
Do I have to create a principal for a service? I created a host
principal and then a service principal, and then I added them to my
keytab, but I am not sure if I had to add the service principal. This
is for current Kerberos 5 from MIT.
This is what I did.
addprinc host/[EMAIL PROTECTED]
This message and any attachments are confidential. Unauthorized use
or disclosure of this message is strictly prohibited, and this message
must be destroyed immediately if received by an unauthorized recipient.
---BeginMessage---
---End Message---
It mostly will depend on the clients that you are using, and what
service principle they are requesting. Some Kerberized ftp
clients will simply ask for a service ticket for the host's
principle (host/[EMAIL PROTECTED]). Others will ask for
a service ticket specific to the service
RedHat installs it's kerberos packages into
/usr/kerberos/{sbin,bin,lib,etc...} directories.
You can look for all of the files included in the package with
the following command:
'rpm -ql PACKAGE-NAME' wher PACKAGE-NAME is krb5-workstation,
krb5-devel, etc.
So, you should find it in
Brian Lavender [EMAIL PROTECTED] writes:
Do I have to create a principal for a service? I created a host
principal and then a service principal, and then I added them to my
keytab, but I am not sure if I had to add the service principal. This is
for current Kerberos 5 from MIT.
This is what
On Tuesday, Feb 10, 2004, at 21:48 US/Eastern, Russ Allbery wrote:
Is it necessary to add the service?
It depends entirely on what your ftp server and client are using to do
authentication. It looks like the version that comes with MIT tries
ftp/hostname.example.com and then falls back on
For Windows 2000 Server the key is:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
AllowTGTSessionKey = 0x01 (DWORD)
Yes this worked. And then after adding arcfour-hmac-md5 to krb5.ini (and
krb5.conf for kerberised openssh under cygwin) all works perfectly; I can
now
13 matches
Mail list logo
