On Tuesday, July 11, 2006 07:20:18 PM -0400 Marcus Watts <[EMAIL PROTECTED]> wrote:
> Looks like it's working as coded. All of this logic appears to have > been in MIT since at least kerberos "1.0" in, um, 1995 --presumably > the older clients mentioned in the comment ought not be there anymore > so KRB5_ENCKRB5KDCREPPART_COMPAT could be not defined. Last I checked, we actually had such broken clients _deployed_, in the form of Cisco terminal servers. We run a Heimdal KDC, which has a configuration option to control this behavior. We have to have it set to the non-compliant mode, because of the broken clients. -- Jeff ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
