Re: kerberos - Kadmin does not work #2

 Sorry, my pc changed 'kadmin' to 'admin' and I did not notice it.
> --- Original message ---
> Subject: Re: kerberos - Kadmin does not work
> From: Jeremy Hunt <jeremyh@optimation.com.au>
> To: <kerberos@mit.edu>
> Date: Thursday, 05/03/2015  8:03 AM
> Hi Arun,
> You should also answer Mauricio's question, but did you know
> kadmin.local should only be run on the KDCs, and should only really be
> run on the Master KDC.
> If you want to connect to the Master KDC from a client or a Replica
> KDC, then you should run the 'admin' program.
should be 'kadmin' program :)
> So when you say you installed kerberos on a PC, did you install it as
> a client system, a replica KDC or as the Master KDC ? If it is not as
> the Master KDC, then admin.local will not work.
> Kind Regards,
> Jeremy Hunt
>> --- Original message ---
>> Subject: kerberos - Kadmin does not work
>> From: arun elango <arunelango89@gmail.com>
>> To: <kerberos@mit.edu>
>> Date: Thursday, 05/03/2015  7:15 AM
>> Hi All,
>> I would like to work with Kerberos in Windows. I have installed MIT
>> Kerberos and found it to work fine. However *kadmin* , 'kadmin.local'
>> does
>> not work. I searched for the solution but couldn't find one. Please
>> advice.
>> Regards.
>> AK
>> ________________________________________________
>> Kerberos mailing list           Kerberos@mit.edu
>> https://mailman.mit.edu/mailman/listinfo/kerberos
> ________________________________________________
> Kerberos mailing list           Kerberos@mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos

3/4/2015 9:56:59 PM
comp.protocols.kerberos 5541 articles. 1 followers. jwinius (31) is leader. Post Follow

0 Replies

Similar Articles

[PageSpeed] 40


Similar Artilces:

RE: MIT Kerberos and Solaris 10 Kerberos #2
BTW, as a further clarification, the system was installed initially using our MIT Kerberos build (i.e. the same as we use on all of the Solaris 8 machines). I am now trying to get it to work with the Solaris 10 SEAM. One problem I see immediately (refreshing my memory with a couple quick tests) is that, when using the Sol10 SEAM to install the keytab, I immediately get: # kadmin -p rheilke/admin Authenticating as principal rheilke/admin@ATCOTEST.CA with password. Password for rheilke/admin@ATCOTEST.CA: kadmin: ktadd host/salty.atcotest.ca kadmin: Communication failure with server while chan...

RE: MIT Kerberos and Solaris 10 Kerberos
> possibly 'su' with pam_krb5 for the authentication. Its not quite > the same as 'ksu', though. Douglas says the same. The su man page indicates something about this, but not a lot of details there. I'll look into this further. As far as a co-worker is concerned (and in our environment, I can see his point), this would be a show stopper. We use ksu for all sorts of things, including giving DBA's access to Oracle ID's. Thanks again for all of the help. I'll go through the su and pam.conf man pages, and see if I can figure it out. Rainer ______________...

Re: Anyone here EVER gotten Kerberos authentication working #2
Doug Lawry wrote: >>I don't want to send it to the whole list ... > > > Why not?! See attached. Because he might accidentally send it as a mime attachment to an ascii newsgroup? :-D Cheers, -- Mark. +----------------------------------------------------------+-----------+ | Mark D. Stock mailto:mdstock@MydasSolutions.com |//////// /| | |///// / //| | +-----------------------------------+//// / ///| | |We value your comments, which have |//...

Kerberos Decrypted
http://www.digg.com/security/Kerberos_Decrypted ...

Kerberos Decrypted
http://www.digg.com/security/Kerberos_Decrypted ...

RE: MIT Kerberos and Solaris 10 Kerberos
Greetings, and thanks for the response. > > We run a number of Solaris 8 systems using Sun's SEAM PAM > implementation > > and MIT's Kerberos (which we're up to date on). We are > starting to look > > at Solaris 10, and are hoping to move towards Sun's > implementation of > > Kerberos. We are having a bit of trouble getting the two to talk > > properly, however. > > I'm confused - you cannot use the Solaris pam_krb5 with MIT Kerberos. > It is linked directly with the Solaris Kerberos libraries (private). I am trying to g...

Re: Kerberos with FileZilla #2
The identity is the default identity. I think it's not so easy as I think and I am missing some particular setting. Do I have to create a principal also for the service ftp or only for the identity who is logging? That is what I did: i) I activated ftp server service and set the firewall to permit inbound traffic on ftp ports ii) i installed the NIM and activated the kerberos support service from windows services iii) i did all the settings i have been asked from NIM But when I test the filezilla with gss i get that msg. I am really confused! Diego ----- Original Message ----- Fro...

RE: MIT Kerberos and Solaris 10 Kerberos #5
> > Can we force the Sol10 box to only use DES, to be > compatible with the > > Sol8/MIT systems (which is everything but the one Sol10 box)? > > If you are using MIT Kerberos on the Solaris 8 systems (including > pam_krb5 made for MIT, not the one that comes with SEAM), then > you should not worry about the enctypes because MIT already > supports all of the enctypes that S10 supports. > > The only time you need to worry about enctypes is when you > are using pre-S10 systems with SEAM apps. IN that situation, > ONLY the pre-solaris 10 systems need ...

RE: kerberos
Enrico, I suggest we continue this discussion offline rather than via kebreros@mit.edu. Thanks, Tim. -----Original Message----- From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On Behalf Of Carretti Enrico Sent: 09 July 2004 11:16 To: kerberos@mit.edu Subject: kerberos - proxy >We have a product which is designed to use Kerberos with Apache (1.3 or >2.0) when it is configured as a proxy. The regular SPNEGO Kerberos >solution available for Apache, IE, Mozilla etc. will not work with proxy >servers. > >Please let me know if you are interested and I can ...

RE: MIT Kerberos and Solaris 10 Kerberos #6
OK, I think I have fixed the services. I have: # svcs -v | grep login online - 13:25:02 35 svc:/system/console-login:default online - 13:25:11 - svc:/network/login:eklogin online - 13:25:12 - svc:/network/login:klogin online - 13:25:12 - svc:/network/login:rlogin (Just to make sure, those ARE the correct versions? The ones I removed looked like: # svcadm disable svc:/network/klogin/tcp:default # svcadm disable svc:/network/eklogin/tcp:default The first entry in the svcs listing is, I assume, ...

RE: RBAC and Kerberos? #2
>>>Kerberos fits in best as an AuthN system. It can very easily tie into LDAP which can support your AuthZ needs. This is true within a single enterprise. LDAP support for authorization becomes more difficult once you are talking about federation between different organizations. It requires you to expose your directory server outside your internal firewall and for partner site(s) to have intimate knowledge of your directory schema. In the web authentication world SAML was developed to ease some of these some of these burdens by defining a language to share attributes more easily...

RE: MIT Kerberos and Solaris 10 Kerberos #3
Thanks for the response. Please see inline... > In Solaris 10, all of the Kerberos services are already bundled, > there is no longer any external packages that need to be added. Right. > Whoever told you 'ksu' was part of the encryption kit was mistaken, > ksu has never been part of SEAM. OK, thanks for that clarification. It was a bit of a surprise to me when I was told it was there. So, does the Solaris 10 SEAM have any functionality similar to ksu, or just the standard su command? > The encryption kit for Solaris 10 enhances the overall crypto > capabilities ...

RE: MIT Kerberos and Solaris 10 Kerberos #4
Thanks. We'll have to keep our eyes open for 5-1.4. Rainer > -----Original Message----- > From: Tom Yu [mailto:tlyu@mit.edu] > Sent: Tuesday, January 11, 2005 11:12 AM > To: Wyllys Ingersoll > Cc: Heilke, Rainer; kerberos@mit.edu > Subject: Re: MIT Kerberos and Solaris 10 Kerberos > > > >>>>> "Wyllys" == Wyllys Ingersoll <wyllys.ingersoll@sun.com> writes: > > Wyllys> That's because Solaris 10 'kadmin' uses RPCSEC_GSS and > Wyllys> MIT uses a slightly different RPC protocol. > > [...] > >...

At 03:10 PM 8/19/2005, Peter 'EPLAN' LANGSTOEGER wrote: >In article <>, Dan >O'Reilly <dano@process.com> writes: > >Peter - > > > >At this time, you can't use Kerberos V2.1-72 on a TCPware system, so you'll > >have to regress back to the previous version (2.0-6). We're working on > >getting an ECO together to allow this, but it will be at least a week or > two, > >if not longer. > >Ok. In the meantime I found out that I already had this problem in Feb 200...

RE: apache & Kerberos #2
Matthew, Currently Windows NT, 2k and XP. We are currently porting to Linux and MacOSX. The server component is being ported to support : Windows/Apache 1.3 and 2.0 Linux/Apache 1.3 and 2.0 Solaris/Apache 1.3 and 2.0 We are interested to discuss requirements for other platforms/browsers if you have any. Thanks, Tim. -----Original Message----- From: Matthew Smith [mailto:matt@forsetti.com] Sent: 01 August 2003 19:18 To: Tim Alsop Cc: kerberos@mit.edu Subject: Re: apache & Kerberos Tim- What OS support is available for the local proxy? -Matt Tim Alsop wrote: > Andreas, > ...

Web resources about - Re: kerberos - Kadmin does not work #2 - comp.protocols.kerberos

Kerberos (protocol) - Wikipedia, the free encyclopedia
This article includes a list of references , related reading or external links , but its sources remain unclear because it lacks inline citations ...

Trekkies miss out after push to name Pluto moon 'Vulcan' fails; Kerberos and Styx chosen instead
BAD news, 'Star Trek' fans: Pluto's fourth and fifth moons have been named Kerberos and Styx, despite 'Vulcan' being the top suggestion.

Meet Pluto's smallest moons: Kerberos and Styx
Pluto's two smallest known moons have been officially named after characters associated with the underworld of Greek and Roman mythology.

Pluto's moons named Styx and Kerberos, despite vote for Vulcan
... Astronomical Union vetoed a public vote to name one of Pluto's two most recently discovered moons Vulcan and named the moons Styx and Kerberos. ...

kerberos articles on Engadget
kerberos articles, stories, news and information.

Microsoft Issues Emergency Patch for Kerberos Bug
The vulnerability could enable an attacker to elevate privileges. Microsoft recommends that organizations consider rebuilding their Windows domains. ...

Kerberos Productions Offers Expertise to President on the Weaponization of Outer Space
... game violence to the President and Vice-President of the United States, Sword of the Stars 1 & 2, Fort Zombie, and NorthStar developer Kerberos ...

The fourth and fifth moons of Pluto have officially been named Kerberos and Styx, respectively.
The fourth and fifth moons of Pluto have officially been named Kerberos and Styx , respectively. The Earth's moon is still named fucking "Aiden." ...

Poll For Pluto's Moons Closes, Vulcan and Kerberos Win - Geekosystem
First the SETI Institute put it up for vote, then the geeks and nerds swarmed the Internet, and now it's as certain as it can be before the International ...

Kerberos unleashed at last: Pluto’s dog-bone moon poses another mystery
NASA’s New Horizons probe has finally filled out its family portrait of Pluto and its moons – and Kerberos, the last moon to get its closeup, ...

Resources last updated: 1/25/2016 10:31:54 PM