w2k client login to kerberos realm
Brian Thompson
brianpm at ghidra.eng.wayne.edu
Mon Nov 11 22:33:04 EST 2002
hartmans at mit.edu (Sam Hartman) wrote in message news:<tslbs4vyem8.fsf at konishi-polis.mit.edu>...
> >>>>> "Tony" == Tony Hoyle <tmh at nodomain.org> writes:
>
> Tony> In any case it would be the KDC that would have to pass the
> Tony> AD authentication information - maybe he was referring to
> Tony> the patched heimdal he did for samba?
>
>
> No, it is simply required that the host service ticket obtained to
> verify the user include the AD information. Provided that the
> machine's account is with an AD KDC everything can be made to work.
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> http://mailman.mit.edu/mailman/listinfo/kerberos
Sam, it sounds like you already have working
exactly what I'm trying to get working. Can
you cut/paste/annotate an output of your
workstation ksetup?
I'm not clear on whether the client machines
need mapping enabled or not and whether to point
them at the Heimdal KDC machine or the AD machine
for access to the Heimdal KDC realm.
Thanks for any info!
-Brian
More information about the Kerberos
mailing list