Constraint Delegation with MIT Kerberos
Christopher D. Clausen
cclausen at acm.org
Fri Apr 5 11:36:11 EDT 2019
It would be helpful to understand more of your environment. Can you
provide more details of what you are trying to accomplish?
Are multiple Kerberos realms involved or just a single Active Directory
domain? Is an MIT KDC involved? Or just MIT Kerberos clients?
What errors are you seeing with MIT?
https://web.mit.edu/kerberos/krb5-latest/doc/admin/troubleshoot.html
might be helpful to enable debug logging.
<<CDC
On 4/5/2019 9:38 AM, Jeffries, Joseph L wrote:
> Thanks Christopher. I have followed this and can get it to work, but when I add MIT Kerberos into the mix it does not work. According to Microsoft 3 Tier Kerberos support there needs to be a service or spn configured for MIT Kerberos to do Constraint Delegation. So I am looking for documentation or cook book on how to configure MIT Kerberos to do Constraint Delegation.
More information about the Kerberos
mailing list