|
version 1.8, 2013/02/16 11:50:13
|
version 1.9, 2013/02/16 13:48:16
|
|
Line 24 NetBSD will now autodiscover and uses th
|
Line 24 NetBSD will now autodiscover and uses th
|
| in DNS. To use Kerberized TNF services, log in with your Kerberos |
in DNS. To use Kerberized TNF services, log in with your Kerberos |
| [[password]]: |
[[password]]: |
| |
|
| `$ kinit <username>@NETBSD.ORG` |
$ kinit <username>@NETBSD.ORG |
| |
|
| The right-hand side is a Kerberos realm, not a DNS domain. Case is significant! |
The right-hand side is a Kerberos realm, not a DNS domain. Case is significant! |
| |
|
| |
|
| ## MacOSX |
## Mac OS X |
| |
|
| OS X autodiscovers and uses the NETBSD.ORG KDC as defined in DNS. |
OS X autodiscovers and uses the NETBSD.ORG KDC as defined in DNS. |
| To use Kerberized TNF services, log in with your Kerberos [[password]]: |
To use Kerberized TNF services, log in with your Kerberos [[password]]: |
| |
|
| `$ kinit <username>@NETBSD.ORG` |
$ kinit <username>@NETBSD.ORG |
| |
|
| The right-hand side is a Kerberos realm, not a DNS domain. Case is significant! |
The right-hand side is a Kerberos realm, not a DNS domain. Case is significant! |
| |
|
|
Line 42 The right-hand side is a Kerberos realm,
|
Line 42 The right-hand side is a Kerberos realm,
|
| |
|
| To pop up a GUI password dialog: |
To pop up a GUI password dialog: |
| |
|
| `$ kinit <username>@NETBSD.ORG </dev/null` |
$ kinit <username>@NETBSD.ORG </dev/null |
| |
|
| Check "Remember this password in my keychain" to make future Kerberos |
Check "Remember this password in my keychain" to make future Kerberos |
| logins (sans input redirection) prompt-free. |
logins (sans input redirection) prompt-free. |
|
Line 50 logins (sans input redirection) prompt-f
|
Line 50 logins (sans input redirection) prompt-f
|
| |
|
| ## Windows XP |
## Windows XP |
| |
|
| Windows does not provide an easy way to configure and use KDCs different from the one embedded into an Active Directory. |
Windows does not provide an easy way to configure and use KDCs |
| |
different from the one embedded into an Active Directory. |
| |
|
| Therefore, to use [[Kerberos]], you should follow the following steps: |
Therefore, to use [[Kerberos]], you should follow the following |
| |
steps: |
| |
|
| 7. Download the [MIT Kerberos for Windows](http://web.mit.edu/Kerberos/dist/#kfw-3.2) installer. It is composed of different tools traditionally found with Kerberos distributions, like [[!template id=man name=kinit section=1]] or [[!template id=man name=klist section=1]], and a Network Identity Manager, an application used to manage credential caching of Kerberos tickets. |
7. Download the |
| |
[MIT Kerberos for Windows](http://web.mit.edu/Kerberos/dist/#kfw-3.2) |
| 7. Install the package. Use the default provided options, then restart the computer. |
installer. It is composed of different tools traditionally found |
| |
with Kerberos distributions, like |
| 7. The Network Identity Manager [(PDF)](http://web.mit.edu/kerberos/kfw-3.2/kfw-3.2.2/netidmgr_userdoc.pdf) should automatically start when you login. As there is no principal currently configured, it should open a dialog box to obtain the new credentials. |
[[!template id=man name=kinit section=1]] or |
| |
[[!template id=man name=klist section=1]], and a Network Identity |
| |
Manager, an application used to manage credential caching of |
| |
Kerberos tickets. |
| |
|
| |
7. Install the package. Use the default provided options, then |
| |
restart the computer. |
| |
|
| |
7. The Network Identity Manager |
| |
[(PDF)](http://web.mit.edu/kerberos/kfw-3.2/kfw-3.2.2/netidmgr_userdoc.pdf) |
| |
should automatically start when you login. As there is no principal |
| |
currently configured, it should open a dialog box to obtain the |
| |
new credentials. |
| |
|
| 7. Enter your principal: |
7. Enter your principal: |
| |
|
| Username: <username> |
Username: <username> |
| Realm: NETBSD.ORG |
Realm: NETBSD.ORG |
| |
|
| 7. Click `Ok`. After a few seconds, it should obtain the TGT for you from NetBSD.ORG KDC. |
7. Click `Ok`. After a few seconds, it should obtain the TGT for |
| |
you from the NETBSD.ORG KDC. |
![[BACK]](/icons/back.gif){kind=icon}
Return to system.mdwn CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [NetBSD Developer Wiki] / wikisrc / kerberos