[20305] in Kerberos_V5_Development
Re: Not building kcpytkt/kdeltkt
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Tue Aug 3 10:20:01 2021
Message-ID: <202108031419.173EJPhG009889@hedwig.cmf.nrl.navy.mil>
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
To: krbdev@mit.edu
In-Reply-To: <0100017b09f47cbc-0d47c526-2e2f-4c35-8ee3-e9afd0ad6ea3-000000@email.amazonses.com>
MIME-Version: 1.0
Date: Tue, 03 Aug 2021 10:19:23 -0400
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
>There was some internal discussion back in 2004.
>The utilities were written to exercise new Windows functionality, and no
>one even talked about exposing them on other platforms.
>My recollection after rereading that discussion is that we could see why
>you might want to delete a ticket from the LSA: deleting the entire LSA
>ccache seemed kind of like a big deal on Windows, and you might want to
>be able to delete a ticket to force that ticket to be retrieved again
>or simply to remove it.
>
>But I don't think anyone particularly thought of use cases for other
>platforms at the time.
Thanks for the info, Sam!
But the fact that krb5_cc_remove_cred() is used by Samba suggests to me
that kdeltkt might be useful on other platforms, especially if you're
using a Windows DC? It looks like kcpytkt functionality already exists
in other tools.
--Ken
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
