KRB5 & Sun Solaris 9

Jamen jmcgranahan at gmail.com
Fri Apr 24 11:46:03 EDT 2009


In order to utilize Samba, we have to use MIT or Heimdal's KRB. Sun's
will not work with Samba on Solaris 9. I've been told that there is a
version on 10 that does work, but I couldn't get it to work on our
box, but did with MIT's. Our goal is to create share drives on these
servers through Active Directory, and we're utilizing Samba, KRB, and
OpenLDAP for this purpose. I've installed Samba and Samba is seeing
all of the resources, but Keberos fails when I issue the kinit
command. Currently, we are not able to upgrade the box to 10 since it
is a heavily used server. Any other guidance would be greatly
appreciated!

Jamen McGranahan

---------------------

One issue we've seen when a MS AD is the KDC is that the AD may use
TCP to send krb messages depending on how large the message is.  This
is a problem for Solaris 9 krb which only expects UDP to be used for
krb messages.  This issue has been addressed in Solaris 10 and
OpenSolaris along with a number of krb related enhancements.  The 1.6
MIT krb also supports this so I can understand why one may want to use
MIT krb in this situation but you may want to consider upgrading
Solaris.
--
Will Fiveash
Sun Microsystems Inc.http://opensolaris.org/os/project/kerberos/




More information about the Kerberos mailing list