replicating windows 2000 principals
Luke Howard
lukeh at PADL.COM
Thu Sep 26 10:44:11 EDT 2002
>I am trying to replicate the kerberos database from a Windows 2000 AD
>server to a UNIX krb5 KDC. Problem is that, although Microsoft mentions
>kprop in its Kerberos 5 interoperability document, this service is
>nowhere to be found in Windows 2000.
>
>Some documents in MSDN report that "windows 2000 is not using the
>kerberos replication protocol for replication of the user database, but
>a proprietary ADSI based protocol".
Well, the protocol is no based on ADSI -- that is an API -- rather it is
a DCE RPC-based protocol.
>Is there a way to replicate the Windows 2000 kerberos database on a UNIX
>slave KDC?
Not that I am aware of.
-- Luke
--
Luke Howard | PADL Software Pty Ltd | www.padl.com
More information about the Kerberos
mailing list