I use krb-1.6.3 to implement my pkinit according to the admin.pdf,
I add X.509 cert to the directory, and I can get my TGT use 'kinit', but if I move my certs from the very directory, I can also get TGT, which puzzled me several days. Can you explain why ?
My question is whether the preauthentication process of kerberos has been taken or not?
My cert&key file format are both *.pem, rather than *.crt & *.key, and have assigned { +requires_preauth } in kdc.conf. Is there anything wrong i made.
--------------------------------------------Lin Zhang, Peking University, Beijing, China
__________________________________________________ _______________
Windows Live Photo gallery 数码相机的超级伴侣,轻松管理和编*照片,还能制作全 景美图!