Re: using UPN to auth
- From: Ben W Young <ben.w.young@xxxxxxxxxxxxxx>
- Date: Wed, 12 Mar 2008 13:42:11 +1100
Markus,
I believe this is what I need to do and you may have commented on this for
me before in another thread.
How would I go about modifying kinit on os x as you have mentioned below?
Regards,
Ben W Young
From: Markus Moeller <huaraz@xxxxxxxxxxxxxxxx>
Date: Wed, 12 Mar 2008 00:32:41 -0000
To: "kerberos@xxxxxxx" <mailto:kerberos@xxxxxxx>
Subject: Re: using UPN to auth
You need a modified kinit which sets the principal type to 10 (enterprise
name type). Windows will then use the UPN instead of the samaccountname to
authenticate. (See attached sample mkinit.c)
Markus.
BTW If your client support client canonicalisation you can authenticate as
jdoe@xxxxxxxxxx but get a ticket for samaccountname.
"Terry" <td3201@xxxxxxxxx> wrote in message
news:8ee061010803111146g3d5b36b2rd5e22be1d3961073@xxxxxxxxxxxxxxxxx
Hello,________________________________________________
I am very new to this. I have a FQDN in AD set to domain.foo. The
UPN of a user is jdoe@xxxxxxxxxxx (note the difference between foo
and com).
How can I authenticate with jdoe@xxxxxxxxxx? I am able to auth
correctly with the sAMAccountName.
Thanks!
________________________________________________
Kerberos mailing list Kerberos@xxxxxxx
https://mailman.mit.edu/mailman/listinfo/kerberos
Kerberos mailing list Kerberos@xxxxxxx
https://mailman.mit.edu/mailman/listinfo/kerberos
**********************************************************************
This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.
**********************************************************************
.
- Prev by Date: Re: More fun with Russ' pam_krb5
- Next by Date: Kerberos 5 Implementation for Windows Mobile
- Previous by thread: Re: using UPN to auth
- Next by thread: Re: using UPN to auth
- Index(es):
Relevant Pages
|
