Changing passwords in MS KDC from MIT krb5

Neulinger, Nathan nneul at umr.edu
Tue May 7 14:17:00 EDT 2002 

Since I'm getting alot of questions about this. I'm attaching to the
list. It's a small perl module that we use to do ADS maintenance from
perl via LDAP. 

Anything further should _probably_ be taken off this list though, as
this doesn't have much to do with MIT kerberos. 

You are not going to be able to use the attached module as is - but you
should be able to extract all you need from it. If you have any
questions, feel free to ask. If you have afs access and want to look
over non-included bits, they are at /afs/umr.edu/software/umrperl/libs. 

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul at umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216


> -----Original Message-----
> From: Curtis Robinson [mailto:curtis at oushi.org] 
> Sent: Tuesday, May 07, 2002 12:15 PM
> To: Neulinger, Nathan
> Cc: Booker C. Bense; krbdev at mit.edu
> Subject: Re: Changing passwords in MS KDC from MIT krb5
> 
> 
> Here is the link to the MS sample code for interoperatibility:
> http://search.microsoft.com/gomsuri.asp?n=1&c=rp_Results&sitei
d=us/dev&target=http://msdn.microsoft.com/library/en-us/dnactdir/html/ke
rberossamp.asp

I have looked at the code in detail, but I am having issues with
integrating it into the Netscape Plugin.  Since, I am not knowledgable
enough with the Kerberos mechanisms and API structure.

I would like to see that perl script to change the password via ldap
over ssl as an alternative solution to the problem.  Does this sync the
NTLM and Kerberos password in Active Directory?

On Tue, May 07, 2002 at 09:42:40AM -0500, Neulinger, Nathan wrote:
> > - You can also change the password in AD by using the ldap protocol
> > over ssl.
> 
> If anyone needs a sample of this from perl, let me know. The main
trick
> is in making sure the new password is in the proper double-byte
unicode
> format.
> 
> -- Nathan
> _______________________________________________
> krbdev mailing list             krbdev at mit.edu
> http://mailman.mit.edu/mailman/listinfo/krbdev

-- 
Curtis Robinson
crobinso at fit.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ADSObject.pm
Type: application/octet-stream
Size: 20765 bytes
Desc: ADSObject.pm
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20020507/9b99c20e/attachment.obj

More information about the krbdev mailing list