Auditing Feature in Kerberos

Kevin Coffman kwc at
Thu Feb 9 15:54:31 EST 2006

> 6) Following are the data which are already logged in the file:
>     Starting, stopping the services. TGT/TGS requests and Password
> changes.
> 7) Following are the data to be audited in addition to the above:
>     Service Tickets issued for a particular TGT, cross realm tickets -
> hosts involved, ticket information 

Hopefully this would be somewhat easy to extend/customize.
We currently have a patch to issue referrals for our Windows
forest and may like to audit those differently than general
cross-realm ticket requests.


More information about the krbdev mailing list