Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Ascend Access Control RADIUS <--> Kerberos
> I have the Access Control version of the RADIUS server (version 1.0Ai7)
> on a Solaris 2.5.1 machine and I'm trying to get it to authenticate against
> an AFS-style Kerberis v4 server.
>
> When I test with radpwtst, I can see a KDC request go out to the
> right place (/etc/krb.conf has been set up), and a non-error KDC
> reply come back. The unencrypted part of the reply looks good, but
> radpwtst always reports an authentication failure.
What does radiusd report in the logfile? You might trying running radiusd
in debug mode (add "-x -x" to the command line) and checking the messages
in the radius.debug.
> Trying MIT-KRB in place of AFS-KRB changes nothing.
MIT-KRB will definitely fail for a real AFS Kerberos server. The format of
the info in a ticket is different and you need a different passwd_to_key()
function.
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups: