win2k and kerberosV(mit)

Josef Allen josallen at
Fri Jun 7 03:19:26 EDT 2002

I have recently followed the how to for a win2kpro to use a mit kdc
server. I followed all of the directions. I then rebooted the win2kpro
(windows 2000 professional). Ichecked to see if I had different domains.
Namely the domain that is in question was the kdc domain name and the name
of the standalone win2kpro. I noticed that I had both domains. I then
mapped a user from a win2kpro user to a user at REALM using the ksetup
utility. Of course I had created a local account already for the user on
the win2kpro. I then tried to use the account using my newly created
domain. I had success. Now that I have painted this picture let me tell
you what went WRONG.

I checked the krb5kdc.log file and saw no activity.
I checked the kadmind.log file and saw no activity.

I tried to logon to the win2kpro machine with a user that was created for
the local machine BUT was not mapped to the mit kdc. I was successful in
logging on via the kdc domain.

Thus how can I tell when I truly have interoperability.

Josef De Vaughn Allen

More information about the Kerberos mailing list