[38102] in Kerberos
Re: MIT Kerberos OTP with Windows
daemon@ATHENA.MIT.EDU (Charles Hedrick)
Fri Nov 3 09:30:49 2017
From: Charles Hedrick <hedrick@rutgers.edu>
To: Benjamin Kaduk <kaduk@mit.edu>
Date: Fri, 3 Nov 2017 13:30:27 +0000
Message-ID: <22CA3EA4-91E7-4E79-B1B0-6F3BB7313678@rutgers.edu>
In-Reply-To: <20171102233310.GA26855@kduck.kaduk.org>
Content-Language: en-US
MIME-Version: 1.0
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
I’m using KfW 4.1. Since there’s no documentation on krb5.ini, I used the same syntax as for krb5.conf
kdc = https://services.cs.rutgers.edu/KdcProxy
I’m not using http_anchor, since we have a commercial cert, and other implementations don’t need us to specify a CA cert.
The error message says no kdc is reachable.
On Nov 2, 2017, at 7:33 PM, Benjamin Kaduk <kaduk@mit.edu<mailto:kaduk@mit.edu>> wrote:
On Wed, Nov 01, 2017 at 10:30:36PM +0000, Charles Hedrick wrote:
I’ll try agian. Also KfW doesn’t seem to implement kdc proxy. I’d prefer not to open my kdc to the world. I’m currrently using the Proxy for home use.
Hmm, could you say a bit more about what version of KfW you're using and
how you've tried to configure MS-KKDCP? From the release notes, at least,
it seems that KfW 4.1 should have this support available in some form.
-Ben
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
