Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

0 answers

Any other option than HTTPS + Basic auth for reverse proxied IIS site that uses double hop authentication to SQL server

We've been struggling for a while to get, what I had assumed would be a relatively common scenario to work and would appreciate any pointers. We have 2 x Windows 2012 Servers running IIS Server SQL Server 2012 We have kerberos delegation set up…

asked Apr 11 '14 at 10:34

Phil

3,138
1
21
27

votes

2 answers

IIS / kerberos not prompting for credentials from Mac clients

I have an IIS server (Server 2008R2/IIS 7.5) configured for kerberos authentication. The kerberos authentication works from clients on Windows (IE and Opera both tested), but when I access the site from any browser on a Mac (Safari, Chrome, or…

iis authentication mac kerberos

asked Apr 02 '14 at 16:57

Daryl Gubler

votes

1 answer

IIS Credential Delegation for AppPool in Integrated Pipeline mode

I know there have been mkore than a dozen articles on this topic, but for some reason I have not been able to find a solution. Server WEB1 has IIS7.5 with a site using Windows Authentication (kernel mode off, provider: "negotiate:kerberos") and a…

windows-server-2008-r2 iis iis-7.5 kerberos spn

asked Apr 01 '14 at 23:24

Ablue

1,140
1
12
32

votes

2 answers

Configure MSSQL 2008 to use kerberos authentication

I would like to set my current mssql db (2008 and 2012) to authenticate using a linux kerberos server that I have in my environment . The windows station is in a workgroup and I would like to avoid having to setup a domain controller and active…

sql-server sql-server-2008 kerberos jdbc

asked Mar 30 '14 at 17:30

John Doe

votes

0 answers

How to enable kerberos authentication to a Java web app

I'm currently using Centrify to aid with Kerberos/AD integration in our environment. Right now we have Kerberos enabled on a Centrified version of Apache. We are trying to run jnlp files through javaws and are having problems with passing Kerberos…

linux authentication java kerberos

asked Mar 28 '14 at 15:52

adivis12

votes

1 answer

setting kerberos ktpass ktab all that JAAS

I have a couple of questions on Kerberos on Windows. I want to find out what the purpose of mapping a user to a service using ktpass is. For example I am on windows and I run ktpass like this: ktpass -out -princ …

java websphere kerberos

asked Feb 07 '14 at 07:43

dorothy

votes

1 answer

Mail client with support for gssapi

I have configured Postfix and Cyrus Imap to enable SSO using Kerberos and GSSAPI. I use Thunderbird as a mail client which supports GSSAPI but I wanted to try some other client also. I tried installing Opera Mail but this has no support. That's…

email postfix kerberos gssapi

asked Dec 30 '13 at 17:30

Maria José

votes

1 answer

AFS client error message "tokens have expired"

I see the following syslog entries about once or twice a day on one of my servers. This server backs up files to AFS space using a Kerberos service principal: Dec 6 04:01:06 myserver kernel: [3681180.757245] afs: Tokens for user of AFS id -1 for…

debian kerberos

asked Dec 08 '13 at 04:59

user35042

2,601
10
32
57

votes

1 answer

To identify which application uses kerberos authentication

i need to identify which application / process requesting kerberos authentication. Eg I have an PC for login i am using windows AD account. In that pc there are several applicationslike outlook, shared folder,IE,ect. they required AD authentication.…

active-directory windows-server-2008-r2 kerberos

asked Nov 29 '13 at 13:10

karthick

votes

1 answer

DNS Portability with regards to LDAP/Kerberos

How portable is a DNS server when it comes to LDAP, especially Kerberos which I am using for authentication? Meaning, how much do I have to change to use the same LDAP server with 2 different DNS servers as long as they use the same names & IP…

linux domain-name-system ldap openldap kerberos

asked Nov 28 '13 at 18:44

trysis

votes

1 answer

Kerberos authentication of Windows clients and Redhat 5.5 with Samba PDC?

I already realize that configure Redhat 5.5 as PDC (Primary Domain Controller), and the clients (Windows XP and Windows 2003) can join the realm. The realm name of Linux server is EXAMPLE.COM. Currently, when the time client (e.g., Windows 2003)…

windows-server-2003 samba kerberos rhel5 domain-controller

asked Nov 12 '13 at 00:54

laoyang360

votes

1 answer

Tool to allow Kerberos Authenticated users to modify Firewall settings

I run a firewall on a central router. Recently, several users want to use Skype. Since firewalling Skype virtually means to switch the firewall off, I consider to allow users to temporarily punch holes for their system. Since the users have no…

linux firewall kerberos

asked Nov 04 '13 at 20:34

Lars Hanke

votes

1 answer

How does the Cisco Global Site Selector pass traffic?

I have reason to believe that the Cisco GSS 4400 Series behaves differently from Cisco ACE NLB's, in regards to the way they pass name references. I would like to know the details of how they differ, specifically the way the GSS deals with…

cisco load-balancing authentication kerberos

asked Sep 13 '13 at 19:05

lululoo

votes

1 answer

Is it possible to securely add an NFSv4 share to an ESXi Server?

I just wondered how to connect an NFSv4 share as storage extension to my ESXi. Since NFSv4 supports Kerberos, ESXi could use Username and Password to connect to the share, while no one else could access the data. But it seems VMware does not support…

security vmware-esxi nfs kerberos vmware-vcenter

asked Sep 13 '13 at 16:05

JohnnyFromBF

1,239
6
21
25

votes

1 answer

Unable to disable Kerberos Single Sign On (SSO)

I've been exploring Kerberos Single Sign On (SSO) to replace NTLM for a Web Application hosted internally within a Windows Domain. After creating Service Principal Names (SPN) for a test service (setspn -s) I can clearly see - using Fiddler or…

active-directory iis-7.5 kerberos single-sign-on

asked Sep 13 '13 at 15:04

rtev

Prev 1 2 3

…

75 76 Next