I'm guessing using a single Kerberos KDC on Windows is going to be more
stable than some password syncronization process that neither vendor
fully supports.

Colin Simpson wrote:
> My only reason is we don't really trust window stability and try to
> resist MS creeping onto our servers :-)
> Colin
> On Wed, 2008-01-09 at 17:13 +0000, Christopher D. Clausen wrote:
>> Colin Simpson wrote:
>>> I'm looking at finding a new solution to syncing password between AD
>>> and
>>> Kerberos. We had been using CEDAR for this and it's great but the
>>> passwdHK dll on windows hates it if you pass in 8 bit ascii
>>> passsword.

>> AD already is Kerberos. Why don't you just use your Active Directory
>> controllers as the Kerberos KDCs as well?
>> <