[EMAIL PROTECTED] (Sam Hartman) wrote in message news:[EMAIL PROTECTED]...
melissa == melissa benkyo [EMAIL PROTECTED] writes:
melissa hello all, How do I use kerberos api calls and ldap? I
melissa know ldap needs the sasl gssapi to authenticate to it
melissa with the kerberos.
In 10.3 (Panther), you can set the environment variable
KERBEROSLOGIN_NEVER_PROMPT (it doesn't matter what it is set to) in
your application before making any Kerberos calls. If you can't
rebuild the application, you can set it in a wrapper script which calls
your application.
There is no
On Apr 12, 2004, at 9:38 AM, melissa_benkyo wrote:
hello!!! thanks for the resposnse I was hoping not to use SASL since
this means that it is a third party software. I was planning on using
the native protocols available to the OS such as the ldap and the
kerberos. Do u know how to use the
melissa benkyo [EMAIL PROTECTED] writes:
hello!!! thanks for the resposnse I was hoping not to use SASL since
this means that it is a third party software. I was planning on using
the native protocols available to the OS such as the ldap and the
kerberos.
Native to what OS? The Cyrus SASL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Hascall wrote:
| Show us the kdc.conf on your machines...
Sure.
On the master (elwing):
# cat /etc/krb5kdc/kdc.conf
[kdcdefaults]
~kdc_ports = 88,750
[realms]
~SLUGGARDY.NET = {
~database_name =
Hello all,
its me againnn. :D
I'm having trouble setting up a kerberos client on solaris 8. I'm
running a kdc on a linux machine. and I want to use gss-server on the
linux machine and run gss-client on the solaris machine. is this
possible?
steps that I did:
1) add_principal
Hi brian,
thanks for the info. I guess, I'm looking for a way not to use cyrus
if possible cause I'm not sure how to use it with SEAM? :D I'm going
to be using the native SEAM on solaris. Do I need to install it again
if I were to enable it to use cyrus? There are actually more parts
involved
On Saturday, April 10, 2004 16:47:21 + Donn Cave [EMAIL PROTECTED]
wrote:
It depends on your client software. All you need to do is resolve the
addresses to canonical host name first, and use the resolved name for
both the client connect and the service ticket.
Careful here... Using
On Monday, April 12, 2004 08:17:15 -0400 Wyllys Ingersoll
[EMAIL PROTECTED] wrote:
Clients do not typically use the keytab file, they either prompt for
name/password and then request initial creds or read the initial
credentials from the user's cache.
True, in most cases. It's perhaps clearer
Hello All,
I dowloaded and installed krb5-1.3.3-i686-pc-linux-gnu.tar on RedHat 9, and
tried to set it up to work with MS Active Directory for cross-platform
authentication, but without success. Has anyone tried this and can point
me to the right direction, or to some sites with more info on
In article [EMAIL PROTECTED],
[EMAIL PROTECTED] (Jeffrey Hutzelman) wrote:
On Saturday, April 10, 2004 16:47:21 + Donn Cave [EMAIL PROTECTED]
wrote:
It depends on your client software. All you need to do is resolve the
addresses to canonical host name first, and use the resolved
Good Morning/Afternoon/Evening,
I am trying to install krb5 over SELinux policies.
The first point is to secure the Kdc (so it could minimise the risk of
this key server being compromised). Does someone have already taken this
path ?
The first though i had for being the most secure, is to give
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Hascall wrote:
|There are a couple of things that I have been kicking around in my head
|that may be causing the trouble. Will kprop work properly if the slave
|KDC is behind a NATing firewall? I can't think of a reason why it should
|matter, but
nick == Nick Palmer [EMAIL PROTECTED] writes:
nick Right, but does any other part of the protocol for kprop rely on
nick not being NATed? My kpropd gets past the authentication step, as
nick I turned on addressless tickets by default when I did the
nick initial setup. It errors out recieving the
14 matches
Mail list logo