Kerberos upgrade logistics

Jim Green jfgreen at msu.edu
Thu Apr 12 09:45:40 EDT 2012


At Michigan State, I am leading a project to upgrade our MIT Kerberos
central authentication service from version 1.6.3 to 1.10.1.  We will be
dropping support for the Kerberos 4 protocol.  We are a long-time AFS site
and most of the systems we've been able to identify that still rely on
Kerberos 4 are related to AFS in some way. 

The main drivers for this are are a) desire to support account lockout for
some users; b) desire to end-of-life Kerberos 4 support as recommended in
MIT's Kerberos 4 end of life announcement
(http://web.mit.edu/kerberos/krb4-end-of-life.html).

I am interested in communicating with folks that have been down this path,
if anyone has.  Anyone know of any medium to large research institutions
running Kerberos 1.7.x or higher?  If so, I'd appreciate contact
information.  And, anyone, please chime in if there's some reason you know
about that makes this idea totally crazy.  Thanks.



More information about the Kerberos mailing list