[31716] in Kerberos
Re: MIT kinit with AD userPrincipalName with SMTP domain and not
daemon@ATHENA.MIT.EDU (Luke Howard)
Sun Nov 22 06:54:19 2009
Mime-Version: 1.0 (Apple Message framework v1076)
From: Luke Howard <lukeh@padl.com>
In-Reply-To: <78c6bd860911210816j531b0caay70b40fdcb1d66a06@mail.gmail.com>
Date: Sun, 22 Nov 2009 12:53:30 +0100
Message-Id: <3C7D7603-6782-46D8-AD42-11EA6E25468A@padl.com>
To: Michael B Allen <ioplex@gmail.com>
Cc: kerberos <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi Mike,
> I understand now. Unfortunately, in practice, I need much more than
> kinit. I'm integrated with an old version of Heidmal so it seems I'll
> need to work on moving to a newer Heimdal and possibly work on
> krb5/principal.c:build_principal et al if the latest Heimdal doesn't
> already have it. I also want to do this with Java but given the
> spotted history of Java's builtin Kerberos implementation I don't
> expect that to be tackled easily. I kinda wish I just had a really
> solid ASN.1 compiler and crypto lib for the various languages. Ho-hum.
Ah, I assumed you were using MIT.
For those that are, there is AS referral support in 1.7, but from
memory there are some bugs (which really should be fixed in a patch
release). I don't have the details on hand. It definitely works in
trunk and thus 1.8.
-- Luke
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
