AdressLess Ticket restriction by KDC server side
Andrea Cirulli
acirulli at gmail.com
Tue Mar 25 12:15:39 EDT 2008
The problem is properly that I'm in an environment in which there are some
old clients, which doesn't request for addressless tickets and doesn't not
care about the entry noaddresses= true.
This is the reason for which I'm looking for a kdc server side solution.
Howevere,thanks
On Tue, Mar 25, 2008 at 4:54 PM, Jeffrey Altman <
jaltman at secure-endpoints.com> wrote:
> Andrea wrote:
> > Hi all,
> > I'm looking for a way to force the KDC server to release only
> > addressless tickets, that is, even if a client is looking/asking for
> > a ticket with address, the KDC will always give back an addressless
> > ticket.
> >
> > So, is there an entry on the kdc.conf or something else that allow me
> > to obtain what I said above?
> >
> > P.S: The solution on which I have to put just into krb5.conf an entry
> > such as noaddresses=true doesn't accomplish my goal.
> >
> Recent clients only request addressless tickets unless
> 'noaddresses=false' is set
>
>
>
--
Andrea Cirulli
More information about the Kerberos
mailing list