Unix KDC/Windows2003 crossrealm trust useless for Exchange2003

Subu Ayyagari s.ayyagari at xpedite.com
Thu Jun 10 15:10:08 EDT 2004

Is there anyone who has managed to use Exchange2003
when Windows 2003 domain has a trust with unix Kerberos,
so that unix KDC provides authentication to all users?

>From systems that are not part of the windows domain,
POP and IMAP connectivity to Exchange2003 just do not work.
OWA works using UPN (user at unixKDCrealm) though.

Appears the only way would be to have an out-of-band process
to syncup passwords between unix KDC and Windows ADS.
and throw out the cross-realm trust.

Any suggestions/comments?

email: s.ayyagari at xpedite.com


More information about the Kerberos mailing list