Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

2 answers

heimdal kerberos heterogeneous network

which is possible (or both) heimdal or kerberos for heterogeneous network login ie unix kdc running MIT kerberos or heimdal clients (services) to kdc bsd/linux client (to authenticate to services examples authenticate or ssh) windows/bsd/linux of…

authentication kerberos

asked Jun 20 '09 at 04:12

rev

votes

2 answers

Domain authentication used for kerberos based authentication of users on my server

Suppose a user process has authenticated itself against domain's directory server via kerberos, and then attempts opens a network socket to my server application. My server application has a white-list of users from the domain directory server. How…

domain authentication kerberos directory

asked Jun 30 '11 at 12:35

Hawkeye

2,669
9
30
34

votes

2 answers

Mac OS X Server Secure Log full of failed SSH attempts

Whenever one of our server's admins tries to access our machine running Mac OS X Server 10.5 via SSH, I get the following error exactly every 10 seconds in the security log: sshd[32575]: /etc/sshd_config line 70: Unsupported option…

security ssh log-files mac kerberos

asked Jun 09 '11 at 12:53

Zach Esposito

votes

1 answer

Changing the text of the kerberos passwd prompt

We are running kerberos (krb5-1.7) on SLES 11 SP1. Our users seem to have trouble changing their passwords with the password command. They are confused by the initial prompt, and don't understand that it is first asking to "enter your current…

kerberos sles passwd sles11

asked Jun 07 '11 at 16:49

Banjer

3,854
11
40
47

votes

1 answer

AD + Postfix + Dovecot problems with query_filter

I set up a mail server AD + Postfix + Dovecot + Kerberos This works fine for only one domain In the attribute mail=test@test.com, in otherMailbox=vasya@otherdoamin.com,petya@another.net Config files: Postfix ldap-users.cf server_host =…

postfix kerberos dovecot

asked Jun 01 '11 at 07:40

Ross

votes

1 answer

Kerberos Password Change Web Interface Suggestions

Debian 6 MIT Kerberos i.e. krb5 We can change our Kerberos passwords by using kpasswd at the command line. We'd like to offer users the option to change their Kerberos passwords in a friendly web interface. Is there an existing web application or…

debian password kerberos

asked Apr 15 '11 at 08:45

caleban

1,116
4
18
34

votes

1 answer

How to grant a kerberos ticket after successful imap authentication from dovecot

An interesting question, I hope. I am running a set of virtual machines under debian 6, to build a mail/collaboration server. I am mainly using dovecot, postfix, openldap and heimdal. Mails are stored using maildir, on a NFSv4 share. My users are…

debian nfs kerberos pam dovecot

asked Mar 31 '11 at 08:48

Andre Rodier

votes

1 answer

exchange 2010 exchange management console, access denied. Time sync issue?

I installed Exchange 2010 on Windows Server 2008r2, my domain already has an Exchange 2007 organization present. During the Exchange 2010 installation, two errors occurred: Upon the hub transport role install, it failed with msexchangeadtopology…

windows-server-2008-r2 exchange-2010 kerberos permissions

asked Mar 19 '11 at 16:45

Jeff

1,089
5
25
46

votes

2 answers

Create a linked SQL server across a domain

I am trying to create linked server on a SQL 2008 server to sql server on another domain. I tried following the advice given in this article: http://msdn.microsoft.com/en-us/library/ee191523%28v=sql.100%29.aspx about setting up Kerberos delegation…

sql-server-2008 kerberos delegation

asked Mar 09 '11 at 23:29

Paul

votes

2 answers

How can i get SSO for alfresco on windows-7 to work?

domain AD on windows 2008 R2, linux server alfresco 3.4c, windows-7 client. I'm trying to get automatically logged into alfresco from the windows-7 client. I've looked with wireshark to see what happens: 1. Client goes to /alfresco 2. Server sends…

windows-7 kerberos alfresco

asked Mar 02 '11 at 14:59

Maarten

votes

2 answers

How can i get more user debug logging related to kerberos for alfresco?

I am running alfresco community edition 3.4c on a debian linux. I have problems getting the kerberos authentication in order. The biggest problem is that do not seem to have any sort of user logs. what i am using already: …

linux kerberos alfresco

asked Mar 02 '11 at 12:49

Maarten

votes

1 answer

How to manage ldap users/kerberos principals on Ubuntu server?

I've recently setup a small test network with an Ubuntu server and Ubuntu clients. People can login to a client machine using an account stored in LDAP (created using ldapadduser from the ldapscripts package). The problem has arisen when it came to…

ubuntu ldap user-management kerberos

asked Feb 09 '11 at 21:01

danbishop

votes

1 answer

kerberos security question

I don't know what the best practice for kerberos is with regards to security. I was wondering is it a good idea to allow a kerberos server to be public so public servers can use single-sign on or is it something that is only reserved for internal…

windows-server-2003 security kerberos

asked Jan 14 '11 at 18:03

PHGamer

votes

2 answers

Automate setup of constrained kerberos delegation in AD

I have a web app that uses some backend servers (UNC, HTTP and SQL). To get this working I need to configure ServicePrincipalNames for the account running the IIS AppPool and then allow kerberos delegation to the backend services. I know how to…

windows-server-2003 active-directory scripting kerberos delegation

asked Dec 02 '10 at 16:42

Grhm

votes

1 answer

kerberos error when active-directory user connects to Solaris machine

I have configured two CentOS machines to authenticate via kerberos and LDAP to Windows Server 2008 R2 Active Directory. I am now trying to do the same to a Solaris 10u9 (without upgrades to Kerberos or ldap) machine but am running into a problem --…

active-directory solaris kerberos

asked Nov 03 '10 at 20:55

jamesbtate

Prev 1 2 3

…

75 76 Next