I have installed Kerberos security in my UNIX system but I need to disable because of an application conflict with Kerberos.
So Anybody ca tell me how can I disable it?
Thank you (1 Reply)
I have 2 servers (lft1 and lft3) running AIX 5.3 ML 5. Both are installed with krb5.client.rte 1.4.0.4 and openssh.base.server 4.3.0.5300.
I have configured some of the users on both servers to authenticate against our Windows 2003 Active Directory. From my PC, I can use telnet to login... (1 Reply)
I was wondering if any of you have used NFS4 with KERBEROS in a HACMP setup and environment with more than 1 resourcegroup that has NFS mount in them.
I Configures the host keys for an Network File System (NFS) server I get stuck with the nfshostkey
I can only add one at a time per system so... (0 Replies)
I am in the process of developing a application that needs to be able to authenticate users details with a kerberos server, which is proving to be rather difficult. There seems to be a lack of good information on how to do this using the MIT kerberos api.
Can anyone point me in the right... (0 Replies)
@kah00na and all others,
i have done al steps of the HowTo "Authenticate AIX users from MSActive Directory", found in this forum, but it still does not work.
The test with kinit USERNAME works fine. But if i try to login i get the "UNKNOWN_USER" error in the debug.log.All steps to change... (11 Replies)
Hi,
I have a simple Apache setup that works fine when I create a keytab on a domain level authentication works fine. When I create a keytab at the forest level authentication does not work. I get the following error message. Does anyone know what I am doing wrong here? I validated there is the... (0 Replies)
Our Network Security folks have mandated that we "Kerberize" our systems to allow them to perform an authenticated scan. This consists of instructions to change /etc/pam.d/sshd from:
# sshd: auth account password session
auth optional pam_krb5.so use_kcminit
auth optional ... (0 Replies)
I am installing Authen::Krb5::Easy and during make test I am getting the follwing error :
kinit not ok 2
error was: could not get initial credentials: Cannot contact any KDC for requested realm
we are stroring krb5.conf in diff location ( not in /etc/krb5.conf) , but, PERL is... (1 Reply)
Discussion started by: talashil
1 Replies
LEARN ABOUT DEBIAN
krb5_domain_x500_decode
KRB5_CHECK_TRANSITED(3) BSD Library Functions Manual KRB5_CHECK_TRANSITED(3)NAME
krb5_check_transited, krb5_check_transited_realms, krb5_domain_x500_decode, krb5_domain_x500_encode -- realm transit verification and encod-
ing/decoding functions
LIBRARY
Kerberos 5 Library (libkrb5, -lkrb5)
SYNOPSIS
#include <krb5.h>
krb5_error_code
krb5_check_transited(krb5_context context, krb5_const_realm client_realm, krb5_const_realm server_realm, krb5_realm *realms, int num_realms,
int *bad_realm);
krb5_error_code
krb5_check_transited_realms(krb5_context context, const char *const *realms, int num_realms, int *bad_realm);
krb5_error_code
krb5_domain_x500_decode(krb5_context context, krb5_data tr, char ***realms, int *num_realms, const char *client_realm,
const char *server_realm);
krb5_error_code
krb5_domain_x500_encode(char **realms, int num_realms, krb5_data *encoding);
DESCRIPTION
krb5_check_transited() checks the path from client_realm to server_realm where realms and num_realms is the realms between them. If the
function returns an error value, bad_realm will be set to the realm in the list causing the error. krb5_check_transited() is used internally
by the KDC and libkrb5 and should not be called by client applications.
krb5_check_transited_realms() is deprecated.
krb5_domain_x500_encode() and krb5_domain_x500_decode() encodes and decodes the realm names in the X500 format that Kerberos uses to describe
the transited realms in krbtgts.
SEE ALSO krb5(3), krb5.conf(5)HEIMDAL May 1, 2006 HEIMDAL