Windows 2000 Server as KDC
Mel Riser
mel.riser at fxfn.com
Wed Jul 16 14:22:09 EDT 2003
yes there are some tools in the windows 2000 resource kit.
but they are limited. You CAN compile some of the linux tools with MS visual studio, but you have to hack the source and it is difficult.
our experience is to let the windows KDC/Active Directory handle windows clients, and have a separate Linux KDC for Unix authentication, and setup cross realm trusts.
mel
-----Original Message-----
From: Karl Pitrich [mailto:karl.pitrich at fabasoft.com]
Sent: Wednesday, July 16, 2003 12:45 PM
To: kerberos at mit.edu
Subject: Re: Windows 2000 Server as KDC
On Wed, 2003-07-16 at 01:18, Wayne Rasmussen wrote:
> A few questions:
>
> 1) Does Windows 2000 server have a kerberos administrator server
> installed? Doesn't appear to have one as posts 749/750 are not open.
> Is there supposed to be one and at what port.
in [realms]
set both kdc and admin_server to the hostname or ip
of your Windows Domain Controller and
supply the full domain as realm.
> 2) Is there a way on the Windows 2000 Server to test the TGT and TST
> say via command prompt in cmd.exe?
in some resource kit, i forgot which, M$ provides kerberos command line
tools. (ktpass etc.)
/ karl
More information about the Kerberos
mailing list