Re: Windows 2000 Kerberos and UNIX

From: Eric Chamberlain (telogix@hotmail.com)
Date: 10/09/02 

From: "Eric Chamberlain" <telogix@hotmail.com>
Date: Tue, 8 Oct 2002 18:06:16 -0700

At the bottom of this page,
http://calnetad.berkeley.edu/documentation/test_environment/, is a list of
resources we used to get Kerberos integration working in our environment. 

--
Eric Chamberlain, CISSP
"Peter Van Keymeulen" <peter_vankeymeulen@datos.be> wrote in message
news:O$skEBxbCHA.1940@tkmsftngp11...
> Hello,
>
> I read most of the Microsoft documents regarding Kerberos. I don't have a
> language problem but due to the way Microsoft wrote the documents there
are
> some things I don't understand.
>
> I want to meet the following goal: I want a Windows 2000 user logging on
to
> a windows 2000 workstation using his AD account have access to a resource
on
> a UNIX server. I want to use Kerberos to have a single sign on. I don't
want
> to create accounts on both systems and have a synchronization tool to sync
> the accounts and their password. If I do understand, it would be possible
to
> reach my goal using a trust between the AD and the Kerberos realm on the
> UNIX without the need to use a kind of account mapping. I found a
Microsoft
> document describing some possibilities but I don't know which I need to
take
> in order to reach my goal. The document I used was:
>
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
> ol/windows2000serv/deploy/walkthru/kerbstep.asp
>
> Are there other documents? Does anyone have experiences with this?
>
> Thanks in advance,
> Regards,
> Peter
>
>
>
>
>

Relevant Pages

  • Re: impersonation using kerberos
    ... and then finding out you can enable kerberos event logging.... ... and for the computer account contains ... This error appears on my SQL box ... KDC cannot accommodate requested option. ...
    (microsoft.public.win2000.active_directory)
  • Re: Seamless/transparent SSO with Apache, Win2003, IE
    ... Did you have the 'Use DES encryption types for this account' option ticked ... I'm trying to create a seamless sign on to a web site ... using Solaris (Kerberos installed), Apache ... Sequence number: 315 (relative sequence number) ...
    (comp.protocols.kerberos)
  • Re: Howto refresh IIS 6 Application pool identity credential info
    ... I doubt the cluster environment has problems with kerberos tickets, ... Only account A has access to database DB-A ... Application A and Application B have an application security based on ... The Pool identity is the one accessing the backend resources like ...
    (microsoft.public.inetserver.iis.security)
  • RE: Excel Calculation Services
    ... \par Have you tried to use the Kerberos to delegate the credentials? ... If the sharepoint application pool is a domain account, then you must register an SPN for it, e.g. ... \par As for accessing data sources using delegation from excel services, ...
    (microsoft.public.sharepoint.portalserver.development)
  • Re: AW: AW: AW: Some Users get Basic Auth?
    ... We'have just created a new domain Account and voila, ... So somekind of settings in the userprofile are incorrect, so the auth box popped up. ... If i login with MY windows account, ... Where can i configer the browser, that it use only Kerberos? ...
    (comp.protocols.kerberos)