[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: kinit with pkinit and win2k kdc
Prágai Róbert <pragai@rubin.hu> writes:
> Hi,
>
> I've tied to kinit using pkinit to a win2k KDC with:
>
> kinit -C cert.pem -K key.pem -D ./CA/default/ username
>
> but the kinit failed with:
>
> kinit: krb5_get_init_creds: KDC has no support for padata type
> I've already successfully managed to kinit to the local heimdal
> KDC, but the win2k just doesn't work.
> I have username in the domain, and he has the proper certificate.What
> else should I set in the win2k server to make things work, or what can
> be the problem with the preauthentication?
I think you have to set
[libdefaults]win2k_compatible=yes
to make it work with windows 2000 for pkinit.
Love
PGP signature