[19601] in Kerberos
RE: Windows 2000 Server as KDC
daemon@ATHENA.MIT.EDU (Mel Riser)
Wed Jul 16 14:23:23 2003
Content-Class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Date: Wed, 16 Jul 2003 13:22:09 -0500
Message-ID: <A0E465D8EE21FE4EA9DB3C11F48EB1FB015654BB@europa.mesas.mis>
From: "Mel Riser" <mel.riser@fxfn.com>
To: "Karl Pitrich" <karl.pitrich@fabasoft.com>, <kerberos@mit.edu>
Content-Transfer-Encoding: 8bit
Errors-To: kerberos-bounces@mit.edu
yes there are some tools in the windows 2000 resource kit.
but they are limited. You CAN compile some of the linux tools with MS visual studio, but you have to hack the source and it is difficult.
our experience is to let the windows KDC/Active Directory handle windows clients, and have a separate Linux KDC for Unix authentication, and setup cross realm trusts.
mel
-----Original Message-----
From: Karl Pitrich [mailto:karl.pitrich@fabasoft.com]
Sent: Wednesday, July 16, 2003 12:45 PM
To: kerberos@mit.edu
Subject: Re: Windows 2000 Server as KDC
On Wed, 2003-07-16 at 01:18, Wayne Rasmussen wrote:
> A few questions:
>
> 1) Does Windows 2000 server have a kerberos administrator server
> installed? Doesn't appear to have one as posts 749/750 are not open.
> Is there supposed to be one and at what port.
in [realms]
set both kdc and admin_server to the hostname or ip
of your Windows Domain Controller and
supply the full domain as realm.
> 2) Is there a way on the Windows 2000 Server to test the TGT and TST
> say via command prompt in cmd.exe?
in some resource kit, i forgot which, M$ provides kerberos command line
tools. (ktpass etc.)
/ karl
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
