Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.18. How come the "Last xxx" fields in the Kerberos database don't seem to get updated? Next Document: 2.20. What is v5passwdd? Do I need to run it? See reader questions & answers on this topic! - Help others by sharing your knowledge The krb524d daemon is used to convert a Kerberos 5 service ticket to a Kerberos 4 service ticket. This is primarily used by the krb524init program and the AFS-Kerberos 5 Migration Kit. To use this daemon, you need to either run it on your KDC, or give it access to the keys for the service principals who's tickets you wish to convert. It needs access to the principals' keys because it decrypts the Kerberos 5 ticket, converts it to a Kerberos 4 ticket, and re-encrypts it. Everyone I know of that uses krb524d runs it on their KDC. Depending on your use of Kerberos 4, you may or may not need it. If you plan on using krb524init or the AFS-Kerberos 5 Migration kit, then you definitely need it. To use krb524init, run krb524d on your KDCs and simply run krb524init after you've acquired a V5 TGT. Your V5 TGT will be converted to a V4 TGT, which can then be used by V4 applications. Note that login.krb5 can be configured to convert your credentials automatically as well. See the man page for more information. User Contributions:Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.18. How come the "Last xxx" fields in the Kerberos database don't seem to get updated? Next Document: 2.20. What is v5passwdd? Do I need to run it? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Last Update March 27 2014 @ 02:11 PM
|
Comment about this article, ask questions, or add new information about this topic: