Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

2 answers

Impact of increasing the MaxTokenSize for Kerberos Tickets

Recently by migrating form Netware to Windows file servers we have ended up creating a boat load of AD groups. We have now run in to some problems with authenticating and gaining access to resources. After some initial troubleshooting we have…

windows-server-2008 active-directory kerberos

asked Oct 16 '12 at 10:17

user35213

votes

1 answer

Immediate logout after login with PAM, Kerberos, and LDAP

I've set up remote login on a computer using Kerberos and LDAP. I've also configured NFS to mount onto /home so that the user's home directory is the same wherever they login. Kerberos authentication seems to work fine. I can get a ticket using…

ldap login kerberos pam

asked Oct 09 '12 at 15:12

Dylan Klomparens

votes

2 answers

How to cache authentication in Linux using PAM/Kerberos authentication (for CVS)?

We have several Linux servers that authenticate Linux user passwords on our Windows Active Directory Server using PAM and Kerberos 5. The Linux distro we use is CentOS 6. On one system, we have several Version Control Systems like CVS and…

authentication kerberos cvs

asked Sep 17 '12 at 12:35

Calonthar

votes

2 answers

RHEL 5.8 Kerberos Active Directory Windows 2003 Server SP2

I am going nuts here trying to debug a problem. So I need to connect this Linux Box to an AD Domain through Kerberos. here is my krb5.conf: [libdefaults] default_realm=OURDOMAIN.COM dns_lookup_realm=true dns_lookup_kdc=true …

active-directory redhat kerberos

asked Jul 27 '12 at 13:38

Eugene

votes

1 answer

How to change a Kerberos password on Fedora

How do you forcefully change a user's Kerberos password in Fedora? The only docs I could find mention kpasswd , but this requires the user's current password, which the admin probably won't know. I found some BSD docs that use k5admin -l,…

linux fedora kerberos

asked Jul 18 '12 at 15:54

Cerin

3,497
17
57
72

votes

1 answer

Making a kerberos keytab in Windows

I am writing a pGina plugin to get AFS Tokens and a Kerberos TGT from our kdcs at login, while writing I noticed a 'feature' of kinit being that it wont let you provide any input unless its from the keyboard, there went my idea of just redirecting…

windows kerberos

asked Jun 07 '12 at 23:42

rolands

votes

1 answer

Kerberos & localhost

I've got a Kerberos v5 server set up on a Linux machine, and it's working very well when connecting to other hosts (using samba, ldap or ssh), for which there are principals in my kerberos database. Can I use kerberos to authenticate against…

ssh localhost kerberos

asked May 30 '12 at 13:53

Alex Leach

1,577
3
14
18

votes

1 answer

Kerberos Logging with Server 2008 R2 and Server 2003 SP2

Good morning everyone. I've been working with a Microsoft support technician for the last several days on a problem that appears related to delegation and/or Kerberos. The domain is running in a 2003 mixed mode operations level and the two domain…

windows-server-2003 windows-server-2008-r2 kerberos

asked Feb 08 '12 at 14:26

Christopher W. Szabo

votes

1 answer

Strong Cryptography in Solaris Zone

I'm trying to setup a Kerberos KDC on a Solaris zone but ran into a bit of a problem with the Cryptographic Framework on Solaris 10 even though the packages for strong encryption (SUNWcry & SUNWcryr) are installed the stronger keys seem only to be…

solaris kerberos solaris-10 zones cryptography

asked Jan 23 '12 at 11:27

Marcel G

2,149
14
24

votes

2 answers

How to get windows xp to authenticate against kerberos or heimdal

How do you get windows XP as a client to authenticate against kerberos or heimdal (where the OS is either Ubuntu, FreeBSD or OpenBSD)

linux windows-xp authentication kerberos bsd

asked Jun 30 '09 at 01:11

rev

votes

1 answer

Windows clients unable to access Samba share on AD joined Linux box every 7 days

The problem: Every 7 days, 2 Windows Servers are unable to access a SMB/CIFS share. It will start working after a handful of hours. The environment: OpenFiler Linux box joined to 2003 AD Domain Foreground app on Win2003 server access the SMB/CIFS…

linux windows active-directory samba kerberos

asked Nov 08 '11 at 14:27

Hassle2

votes

1 answer

Why deploy Kerberos for Exchange 2010 SP1 RU3?

The first version of Exchange 2010 to support Kerberos is SP1 RU3. It does this through the RollAlternateServiceAccountCredential.ps1 commandlet. Besides implementing "better" security, does this offer any other benefits for disaster recovery,…

exchange exchange-2010 kerberos ntlm spn

asked Oct 01 '11 at 19:01

makerofthings7

8,821
28
115
196

votes

2 answers

Known services that don't use Kerberos authentication?

I'm looking to set up a Kerberos trust between MIT Kerberos5 and Active Directory. However, it's noted in my old Kerberos book from 2003 that "there are several applications, notably Microsoft Exchange (2000 and below), that still use the older…

active-directory kerberos mitkerberos

asked Jul 29 '11 at 18:57

jldugger

14,122
19
73
129

votes

2 answers

Kerberos authentication to an aliased SQL Server

I'm trying to get Kerberos authentication to work with a named SQL 2008 instance. I've got it working if I connect to the instance as machine_name\instance_name. However, we have multiple A records in DNS for the same host. When I try to connect…

sql-server kerberos

asked Jun 03 '11 at 21:27

Ben Thul

2,969
16
23

votes

2 answers

Why do kerberos HOWTOs specify to copy keytabs securely to the host? Is networked kadmin not secure?

Kerberos HOWTOs often have words similar to these: Securely transfer (via flash drive, disk, or encrypted connection) the keytab to the client host. Is logging in on the client host as root, running kinit to get credentials for an administrative…

kerberos

asked May 28 '11 at 04:01

lmz

Prev 1 2 3

…

75 76 Next