[14633] in Kerberos
Re: How to configure a Kerberos 5 Linux client of a Solaris KDC
daemon@ATHENA.MIT.EDU (Booker C. Bense)
Fri Jul 6 11:14:28 2001
Date: Fri, 6 Jul 2001 08:12:13 -0700 (PDT)
From: "Booker C. Bense" <bbense@networking.stanford.edu>
To: <kerberos@MIT.EDU>
In-Reply-To: <200107061431.f66EV1112522@ginger.cmf.nrl.navy.mil>
Message-ID: <Pine.GSO.4.33.0107060807260.9778-100000@shred.stanford.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 6 Jul 2001, Ken Hornstein wrote:
> >You cannot use an MIT-based 'kadmin' client with a SEAM based KDC because
> >the RPC protocol used by the MIT admin program is incompatible with the
> >RPC protocol used by SEAM. SEAM uses RPCSEC_GSS (RFC 2743) and MIT uses
> >an older, non-standard, secure RPC protocol.
>
> I always felt this was unfortunate, because this pretty much makes it
> manditory that you NOT use SEAM as a server if you want any sort of
> interoperability.
>
- Actually, if they had just provided a client API to go with the
server I'd be entirely happy with it. It was a few years ago, but
as I recall there were some advantages to the SEAM server. I can't
remember exactly what they were at the moment.
- Booker C. Bense
