MIT-Heimdal interop issues
Sam Hartman
hartmans at MIT.EDU
Wed Mar 24 15:32:43 EST 2004
>>>>> "Donn" == Donn Cave <donn at drizzle.com> writes:
Donn> Quoth digant at uta.edu (Digant Kasundra):
Donn> | Well, for some reason, I'm not getting good results. getting a ticket with
Donn> | kinit on the heimdal side works great if I specify a password. But when
Donn> | using a keytab, it will only work if I tell it manually what encryption type
Donn> | to use, even though ktutil identifies the enc type correctly when listing
Donn> | the keys in that keytab.
Donn> |
Donn> | I think this is the major contributor to my gssapi bind failing on openldap.
Donn> The way I remember it, Heimdal looks for different keywords in the
Donn> /etc/krb5.conf configuration file. I forget which is whose, but ours
Donn> now looks like
Heimdal is default_etypes; the rest are MIT config values.
But please don't specify any of the above. None of them should be
needed with even moderately recent versions of the code in a correctly
configured realm.
More information about the Kerberos
mailing list