[131] in pc-kerberos
Re: Upcoming potential changes in KRBV4*.DLL
daemon@ATHENA.MIT.EDU (John Gardiner Myers)
Wed Aug 2 12:02:04 1995
Date: Wed, 2 Aug 1995 11:54:09 -0400 (EDT)
From: John Gardiner Myers <jgm+@CMU.EDU>
To: pc-kerberos@MIT.EDU
In-Reply-To: <9508021250.AA26680@mqh.cit.cornell.edu>
Mike Hojnowski <mqh@mqh.cit.cornell.edu> writes:
> Proxy server? What proxy server? We're just using the straight K4 kadmind.
The straight MIT K4 kadmind modifies a straight MIT K4 kerberos
database. Transarc kaservers do not read straight MIT K4 kerberos
databases, they read their own Ubik database. Straight MIT K4 kadminds
are thus incapable of affecting what Transarc kaservers serve.
The only practical way to get a MIT v4 password changing protocol
client to modify a Transarc Ubik database is to have something which
is a MIT K4 password changing server which implements changes by
making client requests using the Transarc RX-based password changing
protocol. Such a beast is generally called a "proxy server".
If, on the other hand, a realm is not running a Transarc kaserver,
there's no reason for it to have ever used the Transarc string-to-key.
--
_.John G. Myers Internet: jgm+@CMU.EDU
LoseNet: ...!seismo!ihnp4!wiscvm.wisc.edu!give!up
