[30205] in Kerberos
Re: ktutil get
daemon@ATHENA.MIT.EDU (Javier Palacios)
Thu Aug 7 03:22:17 2008
Message-ID: <a64bf030808070020v10bf592fl66b51d96d2ea5ee0@mail.gmail.com>
Date: Thu, 7 Aug 2008 09:20:56 +0200
From: "Javier Palacios" <javiplx@gmail.com>
To: "Victor Sudakov" <vas@mpeks.no-spam-here.tomsk.su>, kerberos@mit.edu
In-Reply-To: <20080806221722.GR25547@Sun.COM>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> A while back I wrote a utility for building keytab files when using
> Active Directory as the KDC; it uses the RFC3244 protocol to set the
> "password" of the given principal, so it should work with Heimdal.
It's nice to see a source code sample for this. Up to now I did use
the binary-only adkadmin from Certified Security Solutions.
Have anybody tried with the 'Active Directory' mode of heimdal's kadmin ?
By the way, my tests with W3K R2 Enterprise did show that neither SFU
nor the Identity management for Unix (which I didn't know) are
strictly required. The unix schema is actually there, and if you are
ready for some debugging loops you can do everything with ldapmodify
from the unix (fedora/ubuntu) box. And as far as I remember, you don't
need to fix a NIS domain attribute.
Javier Palacios
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
