On 9/27/2010 8:11 PM, Tom Parker wrote:
I apologize for the long posting. I am stumped here and my scenario
is a bit complex.
As I am sure the list has noticed from all my questions, in the past few
weeks I have been trying to build a distributed Kerberos/LDAP system
with hosts
Greg Hudson wrote:
I've checked in the following fix, which is to treat
krb5_c_enctype_compare errors as non-fatal. If the ktype argument is
invalid, no kvno will match and the function will eventually return
KRB5_KDB_NO_MATCHING_KEY, which I think is fine; if the key entry
enctype is
Nico, thank you for your help!
We are not using NAT, so I am not concerned about possible trouble
caused by using IP addresses
to control where a ticket can be used from.
I tried playing with the noaddresses option in krb5.conf: if I request
a ticket with address I get one, if I request one
Thank you for your help!
We are not using NAT, so I am not concerned about using IP addresses
to control where a ticket can be used from.
I tried playing with the noaddresses option in krb5.conf: if I request
a ticket with address I get one, if I request one without I also get
one.
I would like
Here is my setup...
I have a Windows 2003 DC running active directory (dc.domain.com)
I have a Linux Apache web server that I wish to allow access to.
(apache.domain.com)
I have installed mod_auth_kerb
I found an excellent tutorial here: http://www.grolmsnet.de/kerbtut/ which I
followed, but
What we ended up doing was creating virtual IP addresses for each
virtual host. It was the only way we could get it to work correctly
because, as I recall, it was the only way to get the server to reply
with the same hostname as that which the client had requested.
This was our experience, though
On Sep 27, 9:58 am, Nikolay Shopik sho...@inblock.ru wrote:
Hi,
I wounder how correctly generate keytabs for virtual hosts in Apache?
From what I read, most cases suggest create keytab for HTTP/hostname
where is hostname is actual hostname of machine not virtual hostname.
Error logs show
On 09/29/2010 10:34 AM, Douglas E. Engert wrote:
On 9/27/2010 8:11 PM, Tom Parker wrote:
I apologize for the long posting. I am stumped here and my scenario
is a bit complex.
As I am sure the list has noticed from all my questions, in the past few
weeks I have been trying to build a