single sign on
John Green
green at blueheronbio.com
Fri Aug 9 12:17:26 EDT 2002
I'm not sure about the VC++ part, but if you want to set up Win2K clients to
log onto a Kerberos realm, follow these instructions for setting up a KDC:
http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.2/doc/install_toc.html
To get the Win2K clients to participate in the realm, do this:
In the Kerberos realm, create a host principal for the computer. Use the
command:
Kadmin -q “ank -pw password host/machine-name.example.com”
Since a Kerberos realm is not a Windows 2000 domain, the computer must be
configured as a member of a workgroup. This is automatic when you set the
Kerberos realm and add a KDC server as follows:
C:> Ksetup /setdomain EXAMPLE.COM
C:> Ksetup /addkdc EXAMPLE.COM kdc.example.com
Set the local machine account password, as follows:
C:> Ksetup /setmachpassword password
Restart your computer for the changes to take effect. (This is a required
step.) Whenever changes are made to the external KDC and realm
configuration, a restart is required.
After the reboot you will then be prompted to log onto the local machine or
a Kerberos realm.
Use Ksetup with no arguments to see the current settings. (Note that the KDC
server[s] is not shown.)
Pretty simple.
-----Original Message-----
From: kiru [mailto:kiru at workforcehr.com]
Sent: Friday, August 09, 2002 3:46 AM
To: kerberos at mit.edu
Subject: single sign on
Hi all,
I am looking into the single sign-on for our client server application.
While i was gathering info. I found out that it is to do with Kerberos.
Infos are too many. Please help me to find out how to use VC++ and
WIN2000. Is there any sample codes around? or Anyone point me to some
documents or direction.
Thanks
Kiru
________________________________________________
Kerberos mailing list Kerberos at mit.edu
http://mailman.mit.edu/mailman/listinfo/kerberos
More information about the Kerberos
mailing list