Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos

To: ascend-users@max.bungi.com
Subject: Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos
From: Tim Basher <basher@alpha.CES.CWRU.Edu>
Date: Thu, 16 Oct 97 17:04:48 EDT
Sender: owner-ascend-users@max.bungi.com

> I have the Access Control version of the RADIUS server (version 1.0Ai7)
> on a Solaris 2.5.1 machine and I'm trying to get it to authenticate against
> an AFS-style Kerberis v4 server.
>
> When I test with radpwtst, I can see a KDC request go out to the
> right place (/etc/krb.conf has been set up), and a non-error KDC
> reply come back. The unencrypted part of the reply looks good, but
> radpwtst always reports an authentication failure.

What does radiusd report in the logfile?  You might trying running radiusd
in debug mode (add "-x -x" to the command line) and checking the messages
in the radius.debug.

> Trying MIT-KRB in place of AFS-KRB changes nothing.

MIT-KRB will definitely fail for a real AFS Kerberos server.  The format of
the info in a ticket is different and you need a different passwd_to_key()
function.
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos

From: "Matt Crawford" <crawdad@fnal.gov>

Prev by Date: RE: (ASCEND) P75 -> Max : CL OK c=47?
Next by Date: (ASCEND) pcAnywhere/MAX fix?
Prev by thread: Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos
Next by thread: Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos
Index(es):
- Main
- Thread