• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Kerberos authentication with dsDoDirNodeAuth ?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Kerberos authentication with dsDoDirNodeAuth ?

  • Subject: Re: Kerberos authentication with dsDoDirNodeAuth ?
  • From: Paul Nelson <email@hidden>
  • Date: Tue, 28 Feb 2006 08:19:03 -0600
  • Thread-topic: Kerberos authentication with dsDoDirNodeAuth ?
It would help if you can tell us why you are doing the dsDoDirNodeAuth.
What directory service node are you trying to authenticate with?
Does the user already have a Kerberos ticket granting ticket in their cache?
You can check for the TGT using 'klist'.

Paul Nelson
Thursby Software Systems, Inc.


> From: Nigel Kersten <email@hidden>
> Date: Tue, 28 Feb 2006 08:24:49 +1100
> To: <email@hidden>
> Subject: Kerberos authentication with dsDoDirNodeAuth ?
>
> I'm working on something at the moment where I'd like to be able to
> authenticate via Kerberos to a DirectoryService node.
>
> I'm ok with the Kerberos Login API, and can happily do
> dsDoDirNodeAuth with usernames and passwords, but I'm just wondering
> if anyone knows whether it's possible to do Kerberos authentication
> with the DirectoryServices API?
>
> I can get the kerberos principal for a given username with
> kDSStdAuthGetKerberosPrincipal, so is the idea that I should be
> grabbing an authorization ref from somewhere and using that to auth
> to the node? A search of the archives seemed to suggest that NetInfo
> is the only plugin that actually supports such an authentication
> method at the moment.
>
> I'm starting to get the impression that I'll have to use the lower
> level ldap_kerberos_bind_s() rather than DirectoryServices if I want
> to do Kerberos authentication? Does anyone know if this is right?
>
>
> --
> Nigel Kersten [Senior Technical Officer]
> College of Fine Arts, University of NSW, Australia.
> CRICOS Provider Code: 00098G
>
>
>  _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Darwin-dev mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Kerberos authentication with dsDoDirNodeAuth ?
      • From: Nigel Kersten <email@hidden>
References: 
 >Kerberos authentication with dsDoDirNodeAuth ? (From: Nigel Kersten <email@hidden>)

  • Prev by Date: Why no work on rsync?
  • Next by Date: Re: usefulness of source
  • Previous by thread: Kerberos authentication with dsDoDirNodeAuth ?
  • Next by thread: Re: Kerberos authentication with dsDoDirNodeAuth ?
  • Index(es):
    • Date
    • Thread