[OpenAFS-devel] Document for authenticating against MIT K5/krb524d ?
Ken Hornstein
kenh@cmf.nrl.navy.mil
Thu, 10 Jan 2002 13:22:30 -0500
>About Heimdal vs MIT:
>
>The Heimdal KDC is both v4 and v5 at the same time, so you won't need
>any krb524d. Of course I'm biassed because I don't need to go far to
>ask Johan everything about Heimdal. Hm. That does not mean I always
>understand the answer :-)
I think I'm missing something here; the MIT KDC is also v4 and v5 at
the same time. But you still need something like krb524d if you want
to convert a V5 TGT into an AFS token (say, for instance, if you use
Kerberos telnet/ssh and forward your V5 TGT across, or you have a
policy which forbids the use of v4 ticket requests.). I'm assuming the
Heimdal afslog does _something_ along those lines, right?
--Ken