Kerberos Configuration

Gururaj gururajb at gmail.com
Wed Jul 28 02:20:48 EDT 2004 

Hi Douglas,
Sorry couldn't reply to your reply because of internet access problem.

Thanks that was really a nice reference link. But in that link every
thing is about interoperatibility(Unix and MIT Kerberos)

Let me elaborate about my problem.

My Domain controller machine is a windows server 2003. Now I'd enabled
the Kerberos on this machine with all the paramters set to default.

The other part is my client machine. My client box is a windows server
2000.

I came to know that I need not do any thing to configure the server as
I will be already using Kerberos, right???

Can you clear some of my doubts???

1. How to verify that the Kerberos is being used for authenticaion.
2. What's the need of running KSetup.exe on the client machine.
3. How to find the Principal Name and KDC Name on the server.
4. Finally, Can KerbTray.exe be of any help to me.

Also, I saw there's KDC Service on Windows 2000 machine(not running),
my client machine. Do I need to start that service for any reasons????

Thanks in adv.

Regards,
Gururaj

deengert at anl.gov ("Douglas E. Engert") wrote in message news:<41011E4A.49778A26 at anl.gov>...
> Gururaj wrote:
> > 
> > Hi,
> > 
> > I need to setup a Kerberos Authentication to execute some test cases.
> > 
> > Basically I need to configure my Domain control for kerberos
> > authenticataion. And a client box which authenticates thro kerberos,
> > for this I guess I need to run KSetup on the client machine.
> > 
> > This is what I did...
> > 1. Set all the default values in the Kerberos Policy Parameters
> > 2. Ran Ksetup.exe on the client machine, got the following error
> > 
> > Default realm: testmachine.com (NT Domain)
> > Failed to create kerberos key: 5 (0x5)
> > 
> > Do I need to configure any thing for key Distribution Center (KDC)
> > before I run KSetup?
> 
> Yes, ktpass, see:
> http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp
> 
> "To create a service instance account in the Active Directory"
> 
> > 
> > Can any one please give me a step-by-step guidelines on setting up my
> > Server and Client boxes?
> > 
> > Thanks
> > Gururaj,
> > ________________________________________________
> > Kerberos mailing list           Kerberos at mit.edu
> > https://mailman.mit.edu/mailman/listinfo/kerberos
>  
> -- 
> 
>  Douglas E. Engert  <DEEngert at anl.gov>
>  Argonne National Laboratory
>  9700 South Cass Avenue
>  Argonne, Illinois  60439 
>  (630) 252-5444
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

More information about the Kerberos mailing list