Hi Achim,
I can solve this problem by drawing upon a way you said.
Cgi-bin directory isn't contained within territory of Kerberos Authentication!
I didn't pick up on this.
I changed httpd.conf as follows.
(I've written Kerberos config on httpd.conf not .htaccess)
from
Bill Smith wrote:
From what I've found, it seems to be an issue with the user being in too
many AD groups, the Windows KDC wanting to use TCP rather than UDP, and the
MIT version not supporting it. What I'm not certain on is whether is the
version shipped with Solaris 9 is MIT-based or
By default, Firefox will only perform GSSAPI (negotiate-auth) authentication
when the protocol is 'https://'.
Check the network.negotiate-auth.delegation-uris and
network.negotiate-auth.trusted-uris parameters (under about:config) and
make sure that you allow http://; as well as https://; if
On Monday, August 29, 2005 10:28:35 -0400 Wyllys Ingersoll
[EMAIL PROTECTED] wrote:
By default, Firefox will only perform GSSAPI (negotiate-auth)
authentication
when the protocol is 'https://'.
Check the network.negotiate-auth.delegation-uris and
network.negotiate-auth.trusted-uris
Jeffrey Hutzelman wrote:
By default, Firefox will only perform GSSAPI (negotiate-auth)
authentication
when the protocol is 'https://'.
Check the network.negotiate-auth.delegation-uris and
network.negotiate-auth.trusted-uris parameters (under about:config)
and
make sure that you allow http://;
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi!
I've got a domain here with some linux and some windows XP SP2 clients.
I setup a OpenAFS Cell, a windows 2003 server AD and a mit krb5 server
on linux.
All PCs should obtain access to the OpenAFS cell, so I planned all users
to obtain a realm on
I did notice that things seem to work properly in Solaris 10 and figured
it must include TCP support. Modifying the user account property to not
require kerberos pre-authentication has worked but that has some
implications of its own. I will investigate some of the other
suggestions though
Bill
Smith, William E. (Bill), Jr. wrote:
I did notice that things seem to work properly in Solaris 10 and figured
it must include TCP support. Modifying the user account property to not
require kerberos pre-authentication has worked but that has some
implications of its own.
The Solaris 10
Quoting Markus Moeller [EMAIL PROTECTED]:
Also can you do a kinit -k -t keytab HTTP/server successfully ?
Markus
Julien ALLANOS [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Quoting Jeffrey Altman [EMAIL PROTECTED]:
Julien ALLANOS wrote:
Quoting Jeffrey Altman [EMAIL
Hi guys,
I used to write a program to authenticate
users against windows 2000 AD by using MIT
Kerberos/GSSAPI SDK as well as SUN LDAP SDK. Basically
what I did is to authenticate users against AD by
using kerberos before doing LDAP search operations.
It was working perfectly until I wanted
11 matches
Mail list logo
