Problems with Bind-Kerberos-Windows-Linux
juergen.dietl at googlemail.com
Mon Dec 6 16:01:35 UTC 2010
thanx again for your answer. So I read between the lines that even if there
were bugfixes for GSSTSIG in Bind V. 9.7.2 - it dont work. So we have to
wait until MS follow the standards? :-)
Forgive me but what is a disjoint domain environment?
thanx a lot,
2010/12/6 Phil Mayers <p.mayers at imperial.ac.uk>
> On 12/06/2010 03:18 PM, Jürgen Dietl wrote:
> The Log-File from the DNS-SUSE-Server tells me "wrong principal". Is
>> there a way to find out what principal it expects?
> You can configure it:
> tkey-domain "YOUR.DOMAIN";
> tkey-gssapi-credential "DNS/hostname.your.domain";
> (I've never managed to make this work under bind, FWIW. Even when I did get
> the kerberos working, the ms-self ACL turns out to be useless in a disjoint
> domain environment)
> bind-users mailing list
> bind-users at lists.isc.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the bind-users