[16485] in Kerberos_V5_Development
Re: X-CACHECONF in cache type 0504
daemon@ATHENA.MIT.EDU (Greg Hudson)
Fri Nov 19 11:28:22 2010
From: Greg Hudson <ghudson@mit.edu>
To: Tim Alsop <Tim@cybersafe.com>
In-Reply-To: <C90C510C.27A0C%Tim.Alsop@CyberSafe.com>
Date: Fri, 19 Nov 2010 11:28:17 -0500
Message-ID: <1290184097.2633.1271.camel@ray>
Mime-Version: 1.0
Cc: Weijun Wang <weijun.wang@oracle.com>, Sam Hartman <hartmans@mit.edu>,
"krbdev@MIT.EDU" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Fri, 2010-11-19 at 11:09 -0500, Tim Alsop wrote:
> I am also trying to find out where the format of these configuration
> entries is documented, if anywhere ?
I'm not aware of any documentation.
> For example, I see "fast_avail" in the entry issued by MS AD in our tests.
> I assume this means that the realm supports FAST.
Correct--although I heard back from Microsoft that they do not implement
FAST in any version of AD 2003, nor do they use padata type 136 for any
other purpose. So it's still a mystery to me why you're seeing those
entries when you kinit to your AD server.
> Are there any other values, such as fast_not_avail ?
We do not currently use any other values, but Heimdal does. Assuming
people use reasonably descriptive names that don't collide, the
name:value correspondence is a private contract between the caller of
krb5_cc_set_config and krb5_cc_get_config with that name.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
