DK,
Our KDC product has a module to sync passwords with accounts in Active Directory.
Please let me know if you are interested ?
Thanks, Tim.
-Original Message-
From: Digant Kasundra [mailto:[EMAIL PROTECTED]
Sent: 11 March 2004 06:47
To: '[EMAIL PROTECTED]'
Subject: Password
Since password syncing would only be a temporary/transitional service, we
want to continue using the MIT KDC. Otherwise, we then have to figure out
how to transition from your product back to MIT Kerb. Is you product able
to sync between MIT Kerb and AD?
-
Digant
Since I haven't seen any replies to this I thought I'd give my 2
cents worth. I my opinion a root principal is a REALLY bad idea.
It basically will give that principal root access and privileges to any
machine in your organization that allows remote kerberos authentication.
This can also go for
Jack,
The process works something like :
1. User enters logon details at workstation
2. Workstation kerberos client requests initial tgt from REALM0 (krbtgt/[EMAIL
PROTECTED])
3. User has now authenticated against REALM0
4. You run a client application which needs to send your principal name to
On Thursday, March 11, 2004 16:38:46 -0800 Henry B. Hotz
[EMAIL PROTECTED] wrote:
Where is the real description of the string-to-key functions, V4, AFS,
and V5?
My specific question is whether any of them have hard upper bounds on
password length. Saw a reference that seemed to imply they
At 12:00 PM -0500 3/11/04, [EMAIL PROTECTED] wrote:
Date: Thu, 11 Mar 2004 00:46:53 -0600
From: Digant Kasundra [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: Password synching
Message-ID: [EMAIL PROTECTED]
Content-Type: text/plain
MIME-Version: 1.0
Precedence: list
Message:
I have two working realms: LAT and RUZ. I created principals
krbtgt/[EMAIL PROTECTED] and krbtgt/[EMAIL PROTECTED]. I used kdb5_util -r RUZ dump
datatrans krbtgt/[EMAIL PROTECTED] krbtgt/[EMAIL PROTECTED] and kdb5_util -r LAT load
-update datatrans to transfer these principles from one realm to