Some problem in forming the TGS request packet with krb5_parse_name() function
abartlet at samba.org
Mon Nov 28 22:22:51 EST 2005
On Thu, 2005-11-24 at 01:35 -0800, Surendra Babu wrote:
> Hi Kerbeors Development team,
> I am seeing some problem in forming the TGS request
> packet with krb5_parse_name() function while parsing
> the Principal (with only IPADDRESS.....but not with
> hostname and no DNS server configured).
In short you cannot.
> 4. If I pass the IP Address in Principal name, (like
> ex: host/22.214.171.124 at XXDOMAIN.COM), the packet is not
> built, failing. If user gives the IP Address instead
> of hostname, how to form the packet? What parameters
> to be passed to krb5_parse_name() for IPA ddress case?
> (DNS server is not configured and IP ADDRESS is only
> avaliable, how to form the TGS request packet?)
This is indeed fortunate, as I've seen Windows clients try and find the
realm 76.56.23, presumably to then find a host '15'.
> 5. How can we form the principal name with out
> hostname (Only available thing is IPADDRESS and no DNS
> Server configured)
I don't believe Kerberos is available in this situation. The KDC
records names, not IP addresses, and you must ask with with a name
registered with the KDC.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20051129/c5c96462/attachment.bin
More information about the krbdev