[6812] in Kerberos
Re: DECServer 900
daemon@ATHENA.MIT.EDU (Joff Thyer)
Mon Mar 4 15:02:12 1996
From: "Joff Thyer" <Joff_Thyer@uncg.edu>
To: Bill Woods <74230.3552@CompuServe.COM>
Date: Mon, 4 Mar 1996 14:43:11 +0000
Cc: kerberos@MIT.EDU
I have DECserver 900's talking to a Cygnus KDC.
The trick with password changing is to set the secret
string in the DECserver, then have a rcmd.DSNAME in your
KDC database.
ie: if your DECserver is named: NONAME
then create a rcmd.NONAME principal for the KDC. Make the
password the same as the secret string on the DecServer.
Local> set kerb realm REALMNAME secret
will set the "secret" string.
After you have done that and assuming that your KDC is the
master KDC, then password changing should not be a problem.
> To: kerberos@MIT.EDU
> Date: 3 Mar 1996 02:58:09 GMT
> From: Bill Woods <74230.3552@CompuServe.COM>
> Organization: CompuServe, Inc. (1-800-689-0736)
> Subject: Re: DECServer 900
> Yes, I have had success except it's with a DECserver 700 not
> a 900 but the design is basically the same as things go with DEC.
>
> The other difference is that our server host is an RS6000 running
> AIX 4.x.y. The only problem which I havent quite figured out yet is
> getting the KPASSWD function to work properly from the Decserver
> 700. From looking at the various Kerberos logs and looking at our
> NETwork Sniffer shows that the Dec server request that the changepw
> take place but get's some type of packet back from the KDC but the
> DECserver user is then locked up in the proccess of trying to change
> the users password. If you have any ideas on that please let me
> know.
--
Joff_Thyer@uncg.edu
Systems Programmer
UNC-Greensboro
