Password Changing failing from Windows to MIT KDC
Jeffrey Altman
jaltman2 at nyc.rr.com
Fri Sep 2 13:04:03 EDT 2005
Mike:
Thanks for this additional piece of information. It is quite
possible that the issue is related to NAT affects. I will need
to look into the reason for why a ticket containing addresses is
being obtained. The default for KFW is to not obtain tickets
with addresses.
Jeffrey Altman
Mike Friedman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 23 Aug 2005 at 02:45 (-0000), Jeffrey Altman wrote:
>
>> I can verify that there is a problem although I cannot determine at
>> the moment what the source of it is. What is the most recent version
>> of KFW that you are aware works?
>
>
> Jeffrey,
>
> Further investigation by my Windows colleagues appears to reveal that
> password changing fails only when issued from a NAT'ed private IP
> address. This is true both for KfW and for native Windows Kerberos
> password changing.
>
> But this problem has apparently existed for some time with admin
> functions in general (e.g., kadmin) and not only from Windows systems.
>
> So, as it stands, we have no evidence of a new problem either with
> recent KfW releases or with a current version of the KDC.
>
> Is the problem that you say you can verify perhaps also related to
> NAT'ed private IP addresses?
>
> Mike
--
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
More information about the Kerberos
mailing list