MIT Kerberos OTP with Windows

Charles Hedrick hedrick at rutgers.edu
Fri Nov 3 09:30:27 EDT 2017


I’m using KfW 4.1. Since there’s no documentation on krb5.ini, I used the same syntax as for krb5.conf

 kdc = https://services.cs.rutgers.edu/KdcProxy

I’m not using http_anchor, since we have a commercial cert, and other implementations don’t need us to specify a CA cert.

The error message says no kdc is reachable.

On Nov 2, 2017, at 7:33 PM, Benjamin Kaduk <kaduk at mit.edu<mailto:kaduk at mit.edu>> wrote:

On Wed, Nov 01, 2017 at 10:30:36PM +0000, Charles Hedrick wrote:

I’ll try agian. Also KfW doesn’t seem to implement kdc proxy. I’d prefer not to open my kdc to the world. I’m currrently using the Proxy for home use.

Hmm, could you say a bit more about what version of KfW you're using and
how you've tried to configure MS-KKDCP?  From the release notes, at least,
it seems that KfW 4.1 should have this support available in some form.

-Ben



More information about the Kerberos mailing list