[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: using active directory keys
Dave Love wrote:
> Does anyone know if there's any possibility of extracting keys from an
> active directory and loading them into a Heimdal KDC (or even an MIT
> one)? I couldn't find any relevant info from a web search.
No, never see this.
> The scenario is Windows pass-through login trusting Heimdal for SSO,
> and wanting to avoid resetting passwords on Windows accounts.
But if the user principals are registered in a Hiemdal realm, with
cross realm trust to the AD domain, AD can accept this. This does require
an AD account for the user but no password for AD.
Section: "Creating Account Mappings"
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439