Win logon to a MIT Kerberos V KDC?

Turbo Fredriksson turbo at bayour.com
Mon Oct 7 09:24:52 EDT 2002


Quoting Luke Howard <lukeh at PADL.COM>:

> >>>>>> "Luke" == Luke Howard <lukeh at PADL.COM> writes:
> >
> >    Luke> Last time I looked into it, the MIT backend API was nowhere
> >    Luke> near as simple as Heimdal's. So, we are very unlikely to do
> >    Luke> so.
> >
> >Chicken :)
> 
> Well, why don't you just use Heimdal? Unless you are a vendor with
> an existing investment in MIT Kerberos, I would not expect this to
> be a major problem; you can still keep your MIT clients. :-)

Well, I've invested quite a lot of time on getting everything to work
smoothly (OpenLDAP 2.0, OpenAFS 1.2.6, ssh etc, etc). The system is
live so it would take way to much time and effort to redo everything...

> >I doubt that I have the time to take a look at it, but any quick
> >pointers on where/how you did it for Heimdal?
>
> We don't actively maintain this backend; we have an internal
> LDAP KDC backend that uses a different schema, and that's
> where our efforts are focused at present.

And this is based on Heimdal?

I'll have a look at the URL you provided when I have a little time
on my hand. Currently I'm working on getting Solaris to authenticate
to the MIT KDC... And after this, it's probably some *BSD variants
turn :)





More information about the Kerberos mailing list