Kerberos interoperability - Windows Server w/ UNIX systems
sasi9999 at hotmail.com
Mon Apr 3 20:28:22 EDT 2006
I am working on bringing a Unix service under AD. To do this I need to map
principal name (SPN) to an AD account. The MS document specifies using a
account for this, and I have tested with this and it works. However, I am
trying to use a computer account for this. Everything seems to work except
ticket cannot be decrypted. So I am curious if computer accounts can be
for this purpose. It seems quite straightforward, but it just didn't work.
If anyone tried mapping the principal to a computer account for UNIX service
and got the client to authenticate to this service using kerberos, please
let me know.
Express yourself instantly with MSN Messenger! Download today - it's FREE!
More information about the krbdev