Hi,
Does the MIT Kerberos' AS_REP (i.e TGT) contain a valid value for
key-expiration field.
Thnx
Prashant
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
I'm considering the use of a Kerberos proxy, to solve the problem of being
unable to do cross realm authentication though a Windows realm to an MIT
one, due to Windows not issuing referrals for external realms. The proxy
would issue referrals where needed instead of having the Windows KDC say
no
Before you do this, you may want to look at Trusted Domain Ojests
and Globus Catalog There may be a way to use the netdom command to:
Establish one-way or two-way trust relationships between domains,
including the following kinds of trust relationships:
...
The Windows Server
Thanks. I should have mentioned that I have also asked Microsoft about
the various bits of netdom that seem as if they might work, e.g. netdom
/addtln. But I will do some more research of my own.
Another complication is that we have hosts in both Windows and MIT realms
scattered thoughout the
Richard Silverman wrote:
Thanks. I should have mentioned that I have also asked Microsoft about
the various bits of netdom that seem as if they might work, e.g. netdom
/addtln. But I will do some more research of my own.
Another complication is that we have hosts in both Windows and
Thank you Marcus for the reply.
Please find additional details about this problem:
We are using MIT Kerberos V4 release 9 in our production system. The OS we
are using is UNIX-MPRAS which runs on NCR-5100 machines. This configuration
is same on the client side and the server side.
The exact
Krishna Venigalla [EMAIL PROTECTED] writes:
...
We are using MIT Kerberos V4 release 9 in our production system. The OS we
are using is UNIX-MPRAS which runs on NCR-5100 machines. This configuration
...
dumping continuously. The size of the dump increased to 800MB which is 14MB
in the normal