[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Time to Display My Ignorance, or What Is This Packet Anyway?
But the packet I captured doesn't look anything like the K4 auth
request from an MIT/Sun K4 client! Could it be doing an AS-REQ
directly for the afs service ticket instead of for krbtgt?
In any case could I trouble you to look for that patch? (Or tell me
how to Google for it?)
JPL has a service contract with Transarc and is still using it's
clients on the Sun and Windows platforms. We're hiring Jeffrey Altman
next FY to package the Windows client for our environment. In the mean
time I need to support what we've got or I can't complete our
transition.
On Sep 15, 2004, at 2:05 AM, Love wrote:
>
> "Henry B. Hotz" <hotz@jpl.nasa.gov> writes:
>
>> The Heimdal kdc doesn't appear to support the Windows Transarc
>> clients. What are they doing anyway? The on-the-wire packet doesn't
>> look like either a K4 request or a kaserver request. It's sent from
>> the AFS client to port 750. After stripping off the Ethernet/IP/UDP
>> headers I'm left with the following authentication request:
>
> Just to confuse you, windows client used to use kerberos 4, it didn't
> use
> ka protocol. I have seen a patch to make the v4 protocol more
> agressive is
> detecting those strange packets, but can't remember what it did.
>
> Newer versions of the openafs client (of 1.3.x fame), uses native
> kerberos
> 5, more the that, is way more stable then the old transarc windows
> client.
>
> Love
Unless there was a change a lot earlier than 1.3.x wouldn't you guys
have seen this issue and fixed it already?
------------------------------------------------------------------------
----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu