[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: newbie question - LDAP and Active Directory



On Fri, 10 May 2002, Dave Snoopy wrote:
> One last question then, before taking this discussion
> off of this list (and to where?).

Questions specific to Kerberos (including interoperability with MS'
version) probably ought to go to the newsgroup comp.protocols.kerberos .

> What kind of realm and KDC info did you setup in your
> krb5.conf file for compatability with a Windows KDC
> and its ADS realm? Are the ports the same as in the
> sample krb5.conf file (port 89 for KDC, port 749 for
> admin server).

Actually I have commented that realm out of /etc/krb5.conf, since recent
releases of MIT Kerberos are able to track down the KDCs via DNS SRV
records just as Microsoft ADS clients do.  (I still had an active
domain_realm map entry for the ADS domain, but I have now commented that
out and it made no difference.)

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
MS Windows *is* user-friendly, but only for certain values of "user".