On Tue, Apr 17, 2018 at 9:32 AM, Sergei Gerasenko wrote:
> Thank you so much for confirming that the KDCs are fast. This saved me a
> ton of time writing my own tests, etc. Andrew, as far as workers, is it one
> worker per core in general as Russ theorized?
>
I haven't played
On Mon, Apr 16, 2018 at 5:41 PM, Russ Allbery wrote:
> Sergei Gerasenko writes:
>
> > Will keeping an access log slow me down much, do you know?
>
> Yes, you may want to tune syslog or whatever you're using for your KDC
> logging, although MIT is a lot better
On Thu, Aug 13, 2009 at 6:41 AM, Xu, Qiang
(FXSGSC)qiang...@fujixerox.com wrote:
P.S. Can I ask why the numerical IPv6 address is not supported in MIT
distribution?
Using IP addresses in files like krb5.conf is generally discouraged,
as it's easier to change a single entry in dns than it is
On Thu, Aug 13, 2009 at 4:21 AM, Xu, Qiang
(FXSGSC)qiang...@fujixerox.com wrote:
Yes, in my testing, OpenLDAP utility ldapsearch also works well with IPv6
address in /etc/krb5.conf when doing SASL binding.
Although we are using Mozilla LDAP library, I don't think it is MozLDAP's
fault, coz
On Fri, Aug 7, 2009 at 4:28 AM, Xu, Qiang
(FXSGSC)qiang...@fujixerox.com wrote:
Since it seems MozLDAP didn't pass any info related to Kerberos
authentication server to Cyrus-SASL, can I understand that Cyrus-SASL obtain
the Kerberos authentication server's whereabout from the ticket? But
On Mon, Jan 19, 2009 at 11:32 AM, Michael Ströder mich...@stroeder.com wrote:
Andrew Cobaugh wrote:
On Fri, Jan 16, 2009 at 2:58 PM, Michael Ströder mich...@stroeder.com
wrote:
HI!
I'm trying to test mod_auth_kerb-5.4 built with MIT libs 1.6.3 for
SPNEGO/Kerberos working with MS AD W2K3SP1
On Fri, Jan 16, 2009 at 2:58 PM, Michael Ströder mich...@stroeder.com wrote:
HI!
I'm trying to test mod_auth_kerb-5.4 built with MIT libs 1.6.3 for
SPNEGO/Kerberos working with MS AD W2K3SP1. My ultimate goal is to
receive a forwardable ticket (env var KRB5CCNAME) and use that for LDAP
I've seen this discussed before, but I'm having some trouble.
My situation is that I have sshd behind a NAT. The public IP has an A
record from one of my domain names, but I have no control over the PTR
record, as this is a cable modem connection, so the ISP controls that.
So, the client goes to