unable to authenticate using active directory/mit kfw 2.5 and netscape sdk
Vikas Gandhi
vgandhi at quark.co.in
Sun Mar 14 04:24:34 EST 2004
Hi Jeffrey
I am asking a basec fundamental question. Has someone tried with the
approach that I am mentioning writing a client in netscape-sdk & mit
1.25 kerberos and then experementing with this. I can even paste the
whole code if u want because I have not been getting any right answers
from anywhere.
Regards
Vikas
Jeffrey Altman <jaltman2 at nyc.rr.com> wrote in message news:<40532C5D.9040402 at nyc.rr.com>...
> > Question3: For the scenario described above I have chosen SASL
> > implementation using netscape sdk. I have tried this in Solaris and
> > have succeeded. I tested with SEAM/Directory Server 5.2 and AD
> > implemented using Luke Padl samples implementations for
> > authentications and found that it was successful (attached
> > libgssldap.c).
> >
> > I then ported this to windows using kfw2.5 and failed to run the
> > samples
> >
> > May Be (MS uses SSPI to fetch Microsoft credentials from the LSA
> > (Windows version of credentials cache) while and then kfw 2.5 uses
> > GSSAPI and has its own credential caches)
>
> There are indeed different credentials caches. With KFW 2.5 you
> must copy the MS credentials from the LSA to CCAPI with the MS2MIT.EXE
> utility.
>
> In KFW 2.6 (currently in beta), you can simply set the environment
> variable
>
> KRB5CCNAME = MSLSA:
>
> before starting your application and the credentials from the MS LSA
> cache will automatically and transparently be used.
>
> Jeffrey Altman
> KFW Maintainer
More information about the Kerberos
mailing list