Attempting Windows 2003--MIT Kerberos interop
Stephen Jacob
Stephen.Jacob at nominum.com
Thu Sep 25 19:24:04 EDT 2003
Hi all,
I've been attempting to set up a Windows Server 2003 machine as a
Domain Controller and KDC (which I believe I've done, though it's
a little hard to tell for certain) and have MIT kerberos clients
talk to it (with the eventual goal of testing GSS-TSIG interop).
The only Windows-MIT kerberos interop documentation I can find
anywhere is for Windows 2000, not Windows 2003, and it utilizes
various utilities from the Windows 2000 Resource Kit, most
significantly ktpass.exe. The Windows 2003 Resource Kit
downloadable from microsoft.com does not appear to include this
program (it includes kerbtray [a graphical system tray widget to
view currently-held tickets] and klist, but that seems to be all
as far as kerberos is concerned).
I read a thread on this list from 2003.08.11-2003.08.13 entitled,
"Interoperability with windows 2003 KDC and MIT kerberos V,"
which seemed to suggest that somebody had got it working. Can
anybody give me any suggestions/pointers to information which
might help me in my endeavour?
In the thread mentioned above, there was mention of some third-
party product (Vintela Authentication), but I don't think it
would be appropriate to rely on a third-party product in this
case.
Regards,
sj
--
Stephen Jacob | Stephen.Jacob at nominum.com | +1 650 381 6051
Nominum, Inc. | http://www.nominum.com/ | "Communication by Name"
More information about the Kerberos
mailing list