Kerberos interoperability w/ UNIX systems
Sasi G
sasi9999 at hotmail.com
Mon Apr 3 20:29:16 EDT 2006
Hi,
I am working on bringing a Unix service under AD. To do this I need to map
a service
principal name (SPN) to an AD account. The MS document specifies using a
user
account for this, and I have tested with this and it works. However, I am
also
trying to use a computer account for this. Everything seems to work except
the
ticket cannot be decrypted. So I am curious if computer accounts can be
used
for this purpose. It seems quite straightforward, but it just didn't work.
If anyone tried mapping the principal to a computer account for UNIX service
and got the client to authenticate to this service using kerberos, please
let me know.
Thanks,
Sasi
_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
More information about the Kerberos
mailing list