[18999] in Kerberos
Re: mit kerberosv5 1.2.7 - kadmin wont connect - please help
daemon@ATHENA.MIT.EDU (Yan)
Wed Apr 2 22:47:01 2003
Date: Wed, 02 Apr 2003 22:55:04 -0500
From: Yan <ymercier@mxtest.homedns.org>
To: Matthew Mauzy <matthew_mauzy@unc.edu>
Message-id: <003a01c2f994$cf712510$f600a8c0@yan>
MIME-version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7bit
cc: kerberos@MIT.EDU
Errors-To: kerberos-bounces@mit.edu
Are you talking about LDAP ?
It looks like it, I would really like to plug my MIT Kerberos KDC into
LDAP but it doesnt seem to support it so far. because I didnt
see the option when configuring it.
Here is the output of the principal Im am using for test :
kadmin: getprinc yan/admin
Principal: yan/admin@NEOTOKYO.COM
Expiration date: [never]
Last password change: Fri Mar 28 22:42:23 CST 2003
Password expiration date: [none]
Maximum ticket life: 0 days 10:00:00
Maximum renewable life: 7 days 00:00:00
Last modified: Fri Mar 28 22:42:23 CST 2003 (root/admin@NEOTOKYO.COM)
Last successful authentication: [never]
Last failed authentication: [never]
Failed password attempts: 0
Number of keys: 3
Key: vno 1, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 1, DES cbc mode with CRC-32, no salt
Key: vno 1, DES cbc mode with CRC-32, Version 4
Attributes:
Policy: [none]
How can I see these objectClass properties ?
Yan
---------------------------------
----- Original Message -----
From: "Matthew Mauzy" <matthew_mauzy@unc.edu>
To: "Yan" <ymercier@mxtest.homedns.org>; <kerberos@mit.edu>
Sent: Wednesday, April 02, 2003 10:37 PM
Subject: Re: mit kerberosv5 1.2.7 - kadmin wont connect - please help
> What objectClasses do you have defined for the user accounts? Make sure
> that you have shadowAccount in there. Here's what I have:
>
> objectClass=person
> objectClass=organizationalPerson
> objectClass=inetOrgPerson
> objectClass=posixAccount
> objectClass=shadowAccount
> objectClass=top
> objectClass=krb5Principal
>
> --Matthew
> __________________________________________________________________
> Matthew W. Mauzy
> Systems Administrator
> Applied Math @ UNC-CH
> email : mauzy@amath.unc.edu pager : mpager@amath.unc.edu
> (W) 919.962.9819 www.amath.unc.edu/~mauzy/ (P) 919.347.0390
> __________________________________________________________________
>
>
> --On Wednesday, April 02, 2003 10:09 PM -0500 Yan
> <ymercier@mxtest.homedns.org> wrote:
>
> > I tried to authenticate my solaris8 box with the bundled
> > PAM_Kerb5 module, and it doesnt work because
> > Sun SEAM Kdc is working with a SecureRPC method
> > different than the one MIT Kerberos use.
> >
> > Is there a way to authenticate my solaris clients
> > with the MIT kerberos KDC ?
> >
> > Thank you,
> > Yan
> > --------------
> >
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
