[19599] in Kerberos
RE: Windows 2000 Server as KDC
daemon@ATHENA.MIT.EDU (Mel Riser)
Wed Jul 16 13:56:02 2003
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Date: Wed, 16 Jul 2003 12:54:33 -0500
Message-ID: <A0E465D8EE21FE4EA9DB3C11F48EB1FB015654BA@europa.mesas.mis>
From: "Mel Riser" <mel.riser@fxfn.com>
To: "Wayne Rasmussen" <XvirtualDoNotSpamMe@gomonarch.com>, <kerberos@mit.edu>
Content-Transfer-Encoding: 8bit
Errors-To: kerberos-bounces@mit.edu
When you install Active Directory, it installs the TGT server and all necessary ports.
the Win2k KDC has to be the primary, but Linux boxes or other OS's running kerberos can be backups. Replication is the problem though.
an easier solution would be to setup a windows realm for Win2k KDC and a cross realm trust with a linux box in a different realm.
mel
-----Original Message-----
From: Wayne Rasmussen [mailto:XvirtualDoNotSpamMe@gomonarch.com]
Sent: Wednesday, July 16, 2003 12:12 PM
To: kerberos@mit.edu
Subject: Re: Windows 2000 Server as KDC
So the admin client app is not applicable to this situation then is that correct?
thanks,
wayne
shane.stakem@managestar.com wrote:
> Windows 2000 Server is by "Default" a Primary KDC as Windows uses it natively. Kerberos doesn't use 749/750 it uses port 88.
> There is a Kerberos admin cli application supplied on the Win2K server CD somewhere...can't remember specifics though.
>
> Shane Stakem
>
> > ----------
> > From: Wayne Rasmussen
> > Sent: Tuesday, July 15, 2003 4:18 PM
> > To: kerberos@MIT.EDU
> > Subject: Windows 2000 Server as KDC
> >
> > A few questions:
> >
> > 1) Does Windows 2000 server have a kerberos administrator server
> > installed? Doesn't appear to have one as posts 749/750 are not open.
> > Is there supposed to be one and at what port.
> >
> > 2) Is there a way on the Windows 2000 Server to test the TGT and TST
> > say via command prompt in cmd.exe?
> >
> > Not sure that I have everything setup on my solaris 9 client side
> > krb.conf and kdc.conf files.
> >
> > thanks,
> > wayne
> >
> > ________________________________________________
> > Kerberos mailing list Kerberos@mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
> >
> >
>
> ________________________________________________
> Kerberos mailing list Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
