regarding clock skew difference between client and KDC
Danny Mayer
mayer at ntp.isc.org
Thu Aug 23 22:53:05 EDT 2007
eswars wrote:
> Hi,
>
>
>
> I am using MIT Kerberos 2.6.5 libraries in windows machine. I am
> using Active Directory win 2003.
>
> I wanted to authenticate user even when clock skew difference more then 5
> min.
>
That violates the RFC requirements. No server will or should allow you
to do that. Why are you not synchronizing your clocks? NTP is available
on just about all platforms so there's no reason not to use it.
>
> Please give me some suggestion how I can do this.
>
You can't.
Danny
More information about the Kerberos
mailing list