Different Heimdal/MIT behaviour of krb5_get_credentials ?

Henry B. Hotz hotz at jpl.nasa.gov
Thu May 31 21:20:02 EDT 2007

On May 31, 2007, at 11:25 AM, Markus Moeller wrote:

> I have a AD forest with MM.COM with domains DOM1.MM.COM,DOM2.MM.COM  
> and
> SUB.DOM2.MM.COM which all trust each other. To test the  
> availability of
> service tickets I created the following short program:

Any particular reason you didn't use kvno (MIT) and kgetcred (Heimdal)?

To properly debug the problem you probably want to look at the kdc  
logs to see what actually got requested as compared to what's  
available.  You can also get that info from a tcpdump/snoop, but it's  
not as easy.

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz at jpl.nasa.gov, or hbhotz at oxy.edu

More information about the Kerberos mailing list