[krbdev.mit.edu #3064] Solaris client and 1.4 kadmind
Shawn Emery via RT
rt-comment at krbdev.mit.edu
Fri May 20 16:21:53 EDT 2005
Sam Hartman via RT wrote:
>I'd like to confirm that we don't have an interop problem if we use
>the non-rpc change password approach?
>
>
Yes, the horowitz implementation uses the kadmin/changepw service
principal on a Solaris client, so this works fine as is.
>If we do open up support for this principal, we would need to make
>sure that it was an AS request. Typically we do that with KDC flags;
>I would feel uncomfortable for that with a new principal and so we
>would need a check in kadmind.
>
>
Wouldn't that be helpful regardless if the server is changepw or kadmin?
Thanks,
Shawn.
--
More information about the krb5-bugs
mailing list