Re: [Fed-Talk] Pkinit working on Snow Leopard but need forwardable TGT
Re: [Fed-Talk] Pkinit working on Snow Leopard but need forwardable TGT
- Subject: Re: [Fed-Talk] Pkinit working on Snow Leopard but need forwardable TGT
- From: "Disiena, Ridley J. (GRC-VO00)[DB Consulting Group, Inc.]" <email@hidden>
- Date: Wed, 19 Jan 2011 07:42:48 -0600
- Acceptlanguage: en-US
- Thread-topic: [Fed-Talk] Pkinit working on Snow Leopard but need forwardable TGT
Please note, there are security vulnerabilities in this implementation that were not addressed until 10.6.6. Please contact Apple for more information, they have been made aware of the issue.
Sent from my iPad
On Jan 19, 2011, at 8:24 AM, "Glenn Machin" <email@hidden> wrote:
> Using the information on the attached guide I am able to login to my
> MacBook Pro with a Gemalto USB .NET smartcard and I authenticate to
> ActiveDirectory using PKINIT. The problem is the TGT is not
> forwardable even though the /Library/Preferences/edu.mit.Kerberos config
> file calls for a forwardable TGT. (see attached screenshot)
>
> What config file or plist tells pkinit to get a forwardable TGT?
>
>
>
> Glenn
>
> <pkinitconfigFAQ.pdf>
> <Screen shot 2011-01-19 at 6.13.40 AM.png>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden