Jason Gerfen jason.gerfen at
Fri Dec 3 11:35:21 EST 2004

Sam Hartman wrote:

>OK.  You don't need krb5_fwd_tgt_creds at all.
>Also, you must verify the ticket *before* creating the account.  If
>you do not, you will be vulnerable to a user impersonating the ldap
Ok, that is appreciated.  So is the UID/GID information from the user 
used in ticket validation?

Jason Gerfen
jason.gerfen at

"And remember... If the ladies
 don't find you handsome, they
 should at least find you handy..."
             ~The Red Green show

More information about the krbdev mailing list