Search results
From K5Wiki
Create the page "Well known principal" on this wiki! See also the search results found.
Page title matches
Page text matches
- ...That is, the desired service principal's realm is replaced with the client principal's and a TGS-REQ is sent to that realm's TGS. - when the client principal's realm is a WELLKNOWN realm (e.g., the anonymous realm)4 KB (728 words) - 12:15, 23 July 2019
- * Implement principal renaming in LDAP back end814 bytes (102 words) - 17:15, 7 October 2016
- ...ther to offer specific factors (including SF-NONE) for a particular client principal.5 KB (846 words) - 01:36, 28 October 2015
- ...the PRF+ function with the string "COOKIE" followed by the unparsed client principal name as input. The encryption uses key usage 513, which is in the key usag7 KB (1,065 words) - 14:25, 23 September 2015
- ===Principal key history=== * Principal name2 KB (272 words) - 16:08, 14 September 2015
- ...y set to /opt/csw. This would ordinarily allow ssh access by the Kerberos principal games@ATHENA.MIT.EDU. We change the home directory of this account to / so ...als may be added to .k5login, but make sure it exists so that the Kerberos principal "buildbot" does not have access to the account.7 KB (1,263 words) - 11:54, 12 July 2018
- ...ontain a SAN (Subject Alternative Name) field containing either a Kerberos principal or a Microsoft UPN. In some deployments, certificates are issued from a th ...nge) to determine whether a certificate is authorized to authenticate to a principal. A certauth module can be implemented in the same shared object as a KDB m3 KB (495 words) - 11:30, 5 December 2018
- Conversions to an unsigned integer type are well-specified (C99 section 6.3.1.3), as are arithmetic operations on unsigned t * lockout.c (LDAP and DB2) compares timestamps to determine if a principal entry is locked or was administratively unlocked.18 KB (2,968 words) - 15:53, 7 May 2017
- ...principal operations, which may result in changes to the added or modified principal. ...urrently not possible with kadm5.acl as we only allow wildcarding of whole principal components.9 KB (1,469 words) - 18:03, 29 July 2017
- ...script from krbdev-services into it. Also create a keytab for the krbsnap principal in ~/snap/krbsnap.keytab. Add the cron job to run gensnap from krbdev/krbs8 KB (1,183 words) - 21:33, 17 April 2020
- ...be associated with the principal entry in the KDB to bind the token to the principal. Signing produces a one-time access credential in response to a challenge. * Registration is performed in band. The KDC administrator flags the principal entry as requiring token registration, causing the KDC to issue a special c6 KB (966 words) - 16:34, 6 November 2018
- ...e, krb5_sname_to_principal() would have to leave the short hostname in the principal name, and krb5_get_credentials() would have to add suffixes when performing ...5.conf variable, allowing greater administrator control over the canonical principal names the library will try. Here is an example from Heimdal's krb5.conf(5)7 KB (1,179 words) - 17:37, 7 December 2019
- ...({{rfcref|6803}} section 3), the KDC may issue a ticket to an outgoing TGS principal; this is called a "referral". ...he "subject") to the requesting service. The subject may be identified by principal or by X.509 certificate. S4U2Self requests do not require special privileg13 KB (2,178 words) - 03:19, 9 December 2021
