Hi Markus
Is it possible to do:
netdom trust HHK.DK /domain:CBS.DK /addtln:od.cbs.dk
And only have windows clients ask my MIT kerberos server when accessing
https://od.cbs.dk ?
or is it only for the whole domain.
Med Venlig Hilsen / Kind Regards
Mikkel Kruse
Johnsen
Adm.Dir.
Linet
Ørholmg
On Sep 22, 5:04 pm, Peter wrote:
> On Sep 22, 2:33 pm, Nicolas Williams wrote:
>
>
>
> > On Tue, Sep 22, 2009 at 09:50:19AM -0700, Peter wrote:
> > > From what I can tell, this change was not pushed as a critical update,
> > > I had to install a patch manually to get channel binding capability
>
On Sep 22, 2:33 pm, Nicolas Williams wrote:
> On Tue, Sep 22, 2009 at 09:50:19AM -0700, Peter wrote:
> > From what I can tell, this change was not pushed as a critical update,
> > I had to install a patch manually to get channel binding capability
> > for Windows XP (http://support.microsoft.com/k
Do you look for something like ?
netdom trust WINDOWS2003.HOME /domain:SUSE.HOME /addtln:suse.home
This tells the w2k3 domain WINDOWS2003.HOME that hosts with in the domain
suse.home belong to the MIT domain SUSE.HOME
Markus
"Mikkel Kruse Johnsen" wrote in message
news:mailman.20.12536096
On Tue, Sep 22, 2009 at 09:50:19AM -0700, Peter wrote:
> From what I can tell, this change was not pushed as a critical update,
> I had to install a patch manually to get channel binding capability
> for Windows XP (http://support.microsoft.com/kb/968389). I've done
> some experimenting with both
What is the java problem ? Does java not ignore channel bindings when set to
GSS_C_NO_CHANNEL_BINDINGS in gss_accept as C does ? Does Windows use any
data in the channel binding or just the src/dest IPs ? Where is that
documented ( I couldn't find it ) ?
Thank you
Markus
"Peter" wrote in mess
On Aug 27, 1:26 pm, Jeffrey Altman
wrote:
> Markus Moeller wrote:
> > I am reading the MS article aboutIWAand extended protection
> >http://msdn.microsoft.com/en-us/library/dd639324.aspx and wonder if this
> > affects GSSAPI based applications like Apache with mod_auth_kerb ? Does
> > this mean M
On Sat, Aug 29, 2009 at 11:01:19AM -0400, Chris wrote:
> On Fri, Aug 28, 2009 at 09:27:44PM -0400, Greg Hudson wrote:
> > On Fri, 2009-08-28 at 16:04 -0400, Chris wrote:
> > > [r...@wopr ~]# kvno host/sf9ca98.domain.com
> > > host/sf9ca98.domain@domain.com: kvno = 7
> > > [r...@wopr ~]# kvno ho
Hi All
I have a trust between my Windows 2003 AD (HHK.DK) and my RHEL5 MIT
Kerberos (CBS.DK).
On the Windows machines I have:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\CBS.DK
KdcNames: kdc1.cbs.dk kdc2.cbs.dk
Adding "HTTP/od.cbs...@cbs.dk" to my CBS.DK and using mod_auth_k