kinit des and Win2k
Douglas E. Engert
deengert at anl.gov
Mon May 24 16:13:30 EDT 2004
melissa_benkyo wrote:
>
> hello all,
>
> I have a question. I'm using kerberos krb5-1.2.5-6.src.rpm in unix and
> I setup prinicpals on my AD win2k.
Windows 2000 AD yes, but Windows 2003 AD maybe. krb5-1.2 does not support
TCP but krb5-1.3.x does. If you user are in many groups, the ticket will
be big and require TCP.
> I also set up the principal to Use
> DES encryption types for this account.
But what is in the krb5.conf? Have you set default_tkt_enctypes and
default_tgs_enctypes?
> But I still get pre-authentication failure on my AD.
You mean the kinit fails with some pre authentication message?
What is the message?
>Is it not possible to use this
> option and get a ticket using kinit without failures?
>
> thanks! I'm just confused. :(
If possible upgrade to krb5-1.3.x for better interoperability with Windows.
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
More information about the Kerberos
mailing list