Changing passwords in MS KDC from MIT krb5
Booker C. Bense
bbense at networking.stanford.edu
Tue May 7 10:35:01 EDT 2002
On Mon, 6 May 2002, Curtis Robinson wrote:
> Is there support for rfc 3244? This rfc tells how to change the
> password of other users with an admin account. I am trying to write a
> plugin for iPlanet Directory Server to sync the password coming into the
> LDAP Server and change the password over on the MS KDC. But, the MIT
> krb5 needs to support the ability to login as the administrator under
> Windows and change the password of a different user. I have searched,
> but I could not find any indication if it is or not supported by the MIT
> krb5 implementation.
- As far as I know the changing password with an admin account is not
supported by the MIT code. I used the MS supplied kerberos
interoperablity code to implement a somewhat similar scheme
here at Stanford. I'm pretty sure that changing the password
as a user is supported by the MIT code.
- I'm not sure if I can hand out my modified MS code or not. I think
it has dissappeared from the MS web sites. At least when I tried to
find it again it was gone from the URI I downloaded it from.
- You can also change the password in AD by using the ldap protocol
over ssl.
- Booker C. Bense
More information about the krbdev
mailing list