>>>>> "Russ" == Russ Allbery <[EMAIL PROTECTED]> writes:
Russ> Sam Hartman <[EMAIL PROTECTED]> writes:
>>>>>>> "MattW" == MattW <[EMAIL PROTECTED]> writes:
MattW> Can I leave my Kerberos 5 KDC in pure Kerb 5 mode or do I
MattW> have to run some kind of Kerb 5-to-4 daemon to issue kerb 4
MattW> tickets to the AFS server - I'd like to be pure kerb 5 if
MattW> possible.
>> You could in theory use a special aklog, but you are probably
>> better off running a krb524d.
Russ> Out of curiosity, why would you say that? The native
Russ> Kerberos v5 support in OpenAFS looks a lot nicer and means
Russ> that there's no Kerberos v4 exposure at all.
Because when I looked at writing an aklog to do this, I found that I
needed some ASN.1 library routines that are not exported. So, the
code wouldn't work on Mac or Windows and will break between versions
of Kerberos on Unix.
You might be able to get kvno 256 working; didn't try that.
________________________________________________
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
