KTH Kerberos and Heimdal
Love
lha at stacken.kth.se
Sun Jul 30 22:26:54 CEST 2000
Dr A V Le Blanc <LeBlanc at mcc.ac.uk> writes:
> A note in the recent relese of KTH Heimdal verson 0.3 says
> that it should now be possible to use it for most Kerberos 4
> purposes.
>
> (1) Is it possible to compile arla with heimdal instead of
> kth-kerberos 4?
No, arla depends on Kerberos 4, and Heimdal depends on kth-krb for Kerberos
4 support. But you only need to compile the krb4 lib, and install the
headerfiles/lib from kth-krb, the rest of it is included in heimdal (they
share code).
> (2) Is it possible to configure heimdal to refer to a
> Transarc kadatabase for kerberos 4 (AFS) requests, but to
> go to a proper kerberos 5 (heimdal) server for kerberos 5
> requests? (I have two kerberos servers in this way, and
> would not mind doing away with the two sets of libraries,
> two versions of kinit, etc, if it all worked somehow.
> The two servers have different realm names.)
Heimdal can read the kaserver's database and create a Heimdal database of
it. Then if you run configure with --enable-kaserver and start the kdc with
--kaserver, the kdc will resond to ka-requests too.
Heimdal 0.3a will try to get krb4 tickets when there isn't a kerberos 5
server available, klist will show both krb4 and krb5 tickets.
The only problem when Heimdal is that kx is slow.
Love
More information about the Arla-drinkers
mailing list