AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap? - Kerberos

This is a discussion on AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap? - Kerberos ; But it doesnt work. If they type in their user PrincipalName, i get an entry in my error log. (Specified realm `persona.de' not allowed by configuration) My /etc/krb.conf [libdefaults] default_realm = KONZERN.INTERN clockskew = 300 [realms] KONZERN.INTERN = { kdc ...

+ Reply to Thread
Results 1 to 8 of 8

Thread: AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?

  1. AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?

    But it doesnt work.
    If they type in their user PrincipalName, i get an entry in my error log. (Specified realm `persona.de' not allowed by configuration)

    My /etc/krb.conf

    [libdefaults]
    default_realm = KONZERN.INTERN
    clockskew = 300

    [realms]
    KONZERN.INTERN = {
    kdc = w2kroot.konzern.intern
    default_domain = konzern.intern
    admin_server = w2kroot
    }

    [logging]
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmin.log
    default = FILE:/var/log/krb5lib.log
    [domain_realm]
    .konzern.intern = KONZERN.INTERN

    [appdefaults]
    pam = {
    ticket_lifetime = 1d
    renew_lifetime = 1d
    forwardable = true
    proxiable = false
    retain_after_close = false
    minimum_uid = 0
    try_first_pass = true
    }

    -----Ursprüngliche Nachricht-----
    Von: Michael B Allen [mailto:mba2000@ioplex.com]
    Gesendet: Montag, 9. Oktober 2006 18:16
    An: Djihangiroff, Matthias (KC-DD)
    Betreff: Re: AW: AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?

    Then it should work. Kerberos requires the userPrincipalName and not their "windowsusername" (aka sAMAccountName). Or am I missing something?

    Mike

    PS: I recommend steering this thread back onto the kerberos mailing list.

    On Mon, 9 Oct 2006 09:14:51 +0200
    "Djihangiroff, Matthias (KC-DD)" wrote:

    > The Users only use their usersPrincipalName (Matthias.Djihangiroff@persona.de), not their sAMAccountName(Matthias.Djihangirof).
    >
    >
    > -----Ursprüngliche Nachricht-----
    > Von: Michael B Allen [mailto:mba2000@ioplex.com]
    > Gesendet: Freitag, 6. Oktober 2006 18:04
    > An: Djihangiroff, Matthias (KC-DD)
    > Betreff: Re: AW: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?
    >
    > So what you're saying is that users do not know their userPrincipalName and that they only know their sAMAccountName? For example, consider the following domain:
    >
    > dnsRoot example.com
    > REALM EXAMPLE.COM
    > nETBIOSName EXAMPLE
    >
    > and the following example user account:
    >
    > userPrincipalName alice@EXAMPLE.COM
    > sAMAccountName abaker
    >
    > For kerberos to work with the above example one would need to use the UPN alice@EXAMPLE.COM. But people are using abaker@EXAMPLE.COM or abaker@EXAMPLE?
    >
    > You could split the name and do an LDAP search on sAMAccountName=abaker for the userPrincipalName and then pass that to krb5_get_init_creds_password.
    >
    > Mike
    >
    > On Fri, 6 Oct 2006 07:27:06 +0200
    > "Djihangiroff, Matthias (KC-DD)" wrote:
    >
    > >
    > > I just want to point out that you can use krb5_get_init_creds_password to do Basic so there's no reason to use LDAP at all <- The problem ist, that the loginname for a kerberos realm is realusername@KERBEROS.REALM. The users arent aware of their real windowsusername (it is limited for 21? Characters, so my name is matthias.djihangirof@KONZERN.INTERN).
    > >
    > > Our users are loggin in with their email-adress:
    > > firstname.lastname@windowsdomain (e.g
    > > matthias.djihangiroff@persona.de, look at the double ff in my
    > > lastname, its different to my kerberos name)
    > >
    > > If i try to type my email in the basic auth, mod_auth_kerb tries to
    > > get a ticket for matthias.djihangiroff@persona.de. But the realm
    > > persona.de doesnt exists (its konzern.intern) :-)
    > >
    > >
    > > -----Ursprüngliche Nachricht-----
    > > Von: Michael B Allen [mailto:mba2000@ioplex.com]
    > > Gesendet: Donnerstag, 5. Oktober 2006 17:09
    > > An: Djihangiroff, Matthias (KC-DD)
    > > Cc: kerberos@mit.edu
    > > Betreff: Re: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?
    > >
    > > On Thu, 5 Oct 2006 08:03:51 +0200
    > > "Djihangiroff, Matthias (KC-DD)" wrote:
    > >
    > > > Hello,
    > > >
    > > > Anyone out there whos running an Apache with mod_auth_kerb and
    > > > mod_auth_ldap?
    > > > Im running an Apache with mod_auth_kerb perfectly.
    > > >
    > > > But we have users, which arent in our Windows AD, so they cant
    > > > load the websites protected through mod_auth_kerb.
    > > > Is it possible to fall back to mod_auth_ldap, so they can manualy
    > > > type in their login? (The Apache than check the user against the LDAP).

    > >
    > > I don't know the answer to this (my understanding is that trying to stack mod_auth_* modules together is not practical) but I just want to point out that you can use krb5_get_init_creds_password to do Basic so there's no reason to use LDAP at all. In fact using LDAP as a make-shift authentication service is crude and insecure. Wether or not mod_auth_kerb can do it I have no idea.
    > >
    > > Mike
    > >
    > > --
    > > Michael B Allen
    > > PHP Active Directory SSO
    > > http://www.ioplex.com/
    > > ###########################################
    > >
    > > This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
    > > For more information, connect to http://www.f-secure.com/
    > >

    >
    >
    > --
    > Michael B Allen
    > PHP Active Directory SSO
    > http://www.ioplex.com/
    > ###########################################
    >
    > This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
    > For more information, connect to http://www.f-secure.com/
    >



    --
    Michael B Allen
    PHP Active Directory SSO
    http://www.ioplex.com/
    ###########################################

    This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
    For more information, connect to http://www.f-secure.com/

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  2. Re: AW: Anyone has an apache running with mod_auth_kerb ANDmod_auth_ldap?

    On Tue, 10 Oct 2006 08:40:55 +0200
    "Djihangiroff, Matthias (KC-DD)" wrote:

    > But it doesnt work.
    > If they type in their user PrincipalName, i get an entry in my error log. (Specified realm `persona.de' not allowed by configuration)


    > > > get a ticket for matthias.djihangiroff@persona.de. But the realm
    > > > persona.de doesnt exists (its konzern.intern) :-)


    Ahh, I see. I can think of several possible solutions:

    1) Hack mod_kerb_auth to "rewrite" the email address to their correct userPrincipalName
    2) Instruct users to use their correct konzern.intern domain
    3) Rebuild your entire domain to use persona.de instead of konzern.inter
    4) Setup a KDC for persona.de with a trust to konzern.intern

    Note I know more about Negotiate auth than I do Kerberos in general so
    hopefully someone will chime in if I'm wrong.

    --
    Michael B Allen
    PHP Active Directory SSO
    http://www.ioplex.com/
    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  3. Re: AW: Anyone has an apache running with mod_auth_kerbANDmod_auth_ldap?

    I think the problem is that MIT and Heimdal don't allow a @ in the
    userprincipalname. If you capture the traffic from a XP machine to AD when
    you login with matthias.djihangiroff@persona.de you will see an AS request
    for matthias.djihangiroff@persona.de@KONZERN.INTERN

    Rgards
    Markus


    "Michael B Allen" wrote in message
    news:20061010122914.1aaf9fc1.mba2000@ioplex.com...
    > On Tue, 10 Oct 2006 08:40:55 +0200
    > "Djihangiroff, Matthias (KC-DD)" wrote:
    >
    >> But it doesnt work.
    >> If they type in their user PrincipalName, i get an entry in my error log.
    >> (Specified realm `persona.de' not allowed by configuration)

    >
    >> > > get a ticket for matthias.djihangiroff@persona.de. But the realm
    >> > > persona.de doesnt exists (its konzern.intern) :-)

    >
    > Ahh, I see. I can think of several possible solutions:
    >
    > 1) Hack mod_kerb_auth to "rewrite" the email address to their correct
    > userPrincipalName
    > 2) Instruct users to use their correct konzern.intern domain
    > 3) Rebuild your entire domain to use persona.de instead of konzern.inter
    > 4) Setup a KDC for persona.de with a trust to konzern.intern
    >
    > Note I know more about Negotiate auth than I do Kerberos in general so
    > hopefully someone will chime in if I'm wrong.
    >
    > --
    > Michael B Allen
    > PHP Active Directory SSO
    > http://www.ioplex.com/
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >




    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  4. Re: AW: Anyone has an apache running withmod_auth_kerbANDmod_auth_ldap?

    I tried to use kinit user\\@mailaddress.com@DOMAIN.COM (\\ escapes @) with
    MIT against AD where the userprincipalname is set to the email address but
    failed, whereas I can login on XP using the email address. I found that MS
    uses a principal type 10 (= enterprise name). Is this anywhere defined in a
    standard or is this a MS extension ?

    Thanks
    Markus



    "Markus Moeller" wrote in message
    news:egjsck$i0$1@sea.gmane.org...
    >I think the problem is that MIT and Heimdal don't allow a @ in the
    >userprincipalname. If you capture the traffic from a XP machine to AD when
    >you login with matthias.djihangiroff@persona.de you will see an AS request
    >for matthias.djihangiroff@persona.de@KONZERN.INTERN
    >
    > Rgards
    > Markus
    >
    >
    > "Michael B Allen" wrote in message
    > news:20061010122914.1aaf9fc1.mba2000@ioplex.com...
    >> On Tue, 10 Oct 2006 08:40:55 +0200
    >> "Djihangiroff, Matthias (KC-DD)"
    >> wrote:
    >>
    >>> But it doesnt work.
    >>> If they type in their user PrincipalName, i get an entry in my error
    >>> log. (Specified realm `persona.de' not allowed by configuration)

    >>
    >>> > > get a ticket for matthias.djihangiroff@persona.de. But the realm
    >>> > > persona.de doesnt exists (its konzern.intern) :-)

    >>
    >> Ahh, I see. I can think of several possible solutions:
    >>
    >> 1) Hack mod_kerb_auth to "rewrite" the email address to their correct
    >> userPrincipalName
    >> 2) Instruct users to use their correct konzern.intern domain
    >> 3) Rebuild your entire domain to use persona.de instead of konzern.inter
    >> 4) Setup a KDC for persona.de with a trust to konzern.intern
    >>
    >> Note I know more about Negotiate auth than I do Kerberos in general so
    >> hopefully someone will chime in if I'm wrong.
    >>
    >> --
    >> Michael B Allen
    >> PHP Active Directory SSO
    >> http://www.ioplex.com/
    >> ________________________________________________
    >> Kerberos mailing list Kerberos@mit.edu
    >> https://mailman.mit.edu/mailman/listinfo/kerberos
    >>

    >
    >
    >
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >




    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  5. Re: AW: Anyone has an apache runningwith mod_auth_kerbANDmod_auth_ldap?



    On Friday, October 13, 2006 07:45:17 PM +0100 Markus Moeller
    wrote:

    > I tried to use kinit user\\@mailaddress.com@DOMAIN.COM (\\ escapes @)
    > with MIT against AD where the userprincipalname is set to the email
    > address but failed, whereas I can login on XP using the email address. I
    > found that MS uses a principal type 10 (= enterprise name). Is this
    > anywhere defined in a standard or is this a MS extension ?


    The value is assigned in RFC4120 section 7.5.8, but without details as to
    the expected name form. What you're seeing is the most common usage for
    this name type. Note that Kerberos principal name types are advisory; they
    generally do not need to match.

    You only said "I tried... but failed." How did you fail? Were you unable
    to type the backslash, or perhaps the at-sign? Or did kinit print some
    error message you're not sharing with us?

    -- Jeffrey T. Hutzelman (N3NHS)
    Sr. Research Systems Programmer
    School of Computer Science - Research Computing Facility
    Carnegie Mellon University - Pittsburgh, PA

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  6. Re: AW: Anyone has an apacherunningwith mod_auth_kerbANDmod_auth_ldap?

    Thanks for clarifying. I got the following reply

    kinit(v5): Client not found in Kerberos database while getting initial
    credentials

    The only real difference I could see in the AS REQ is that XP uses type 10
    and kinit use type 1.

    Regards
    Markus

    "Jeffrey Hutzelman" wrote in message
    news:AE1D56BEA05AA8A328BF3929@sirius.fac.cs.cmu.ed u...
    >
    >
    > On Friday, October 13, 2006 07:45:17 PM +0100 Markus Moeller
    > wrote:
    >
    >> I tried to use kinit user\\@mailaddress.com@DOMAIN.COM (\\ escapes @)
    >> with MIT against AD where the userprincipalname is set to the email
    >> address but failed, whereas I can login on XP using the email address. I
    >> found that MS uses a principal type 10 (= enterprise name). Is this
    >> anywhere defined in a standard or is this a MS extension ?

    >
    > The value is assigned in RFC4120 section 7.5.8, but without details as to
    > the expected name form. What you're seeing is the most common usage for
    > this name type. Note that Kerberos principal name types are advisory;
    > they
    > generally do not need to match.
    >
    > You only said "I tried... but failed." How did you fail? Were you unable
    > to type the backslash, or perhaps the at-sign? Or did kinit print some
    > error message you're not sharing with us?
    >
    > -- Jeffrey T. Hutzelman (N3NHS)
    > Sr. Research Systems Programmer
    > School of Computer Science - Research Computing Facility
    > Carnegie Mellon University - Pittsburgh, PA
    >
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >




    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  7. Re: AW: Anyone has an apacherunningwith mod_auth_kerbANDmod_auth_ldap?


    If I change the MIT code (set the type to 10 in parse.c) I can get a ticket
    with my email address as principal name.

    Regards
    Markus

    "Markus Moeller" wrote in message
    news:egop10$50c$1@sea.gmane.org...
    > Thanks for clarifying. I got the following reply
    >
    > kinit(v5): Client not found in Kerberos database while getting initial
    > credentials
    >
    > The only real difference I could see in the AS REQ is that XP uses type 10
    > and kinit use type 1.
    >
    > Regards
    > Markus
    >
    > "Jeffrey Hutzelman" wrote in message
    > news:AE1D56BEA05AA8A328BF3929@sirius.fac.cs.cmu.ed u...
    >>
    >>
    >> On Friday, October 13, 2006 07:45:17 PM +0100 Markus Moeller
    >> wrote:
    >>
    >>> I tried to use kinit user\\@mailaddress.com@DOMAIN.COM (\\ escapes @)
    >>> with MIT against AD where the userprincipalname is set to the email
    >>> address but failed, whereas I can login on XP using the email address.
    >>> I
    >>> found that MS uses a principal type 10 (= enterprise name). Is this
    >>> anywhere defined in a standard or is this a MS extension ?

    >>
    >> The value is assigned in RFC4120 section 7.5.8, but without details as to
    >> the expected name form. What you're seeing is the most common usage for
    >> this name type. Note that Kerberos principal name types are advisory;
    >> they
    >> generally do not need to match.
    >>
    >> You only said "I tried... but failed." How did you fail? Were you
    >> unable
    >> to type the backslash, or perhaps the at-sign? Or did kinit print some
    >> error message you're not sharing with us?
    >>
    >> -- Jeffrey T. Hutzelman (N3NHS)
    >> Sr. Research Systems Programmer
    >> School of Computer Science - Research Computing Facility
    >> Carnegie Mellon University - Pittsburgh, PA
    >>
    >> ________________________________________________
    >> Kerberos mailing list Kerberos@mit.edu
    >> https://mailman.mit.edu/mailman/listinfo/kerberos
    >>

    >
    >
    >
    > ________________________________________________
    > Kerberos mailing list Kerberos@mit.edu
    > https://mailman.mit.edu/mailman/listinfo/kerberos
    >




    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos


  8. Re: Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?

    --===============1508880337==

    Matthias,

    could you try and set principal.type = 10 just before the following line in
    mod_auth_kerb and try to login with matthias.djihangiroff\\@persona.de


    ret = krb5_get_init_creds_password(context, &creds, principal,
    (char *)password, NULL,
    NULL, 0, NULL, NULL);

    If this works you propably only need to check the if name includes a @ to
    add the two \\ for escaping call krb5_parse_name(context, new_name,
    principal) and set then principal.type=10 before
    krb5_get_init_creds_password is called.

    I would be curious if that works.

    Regards
    Markus


    "Djihangiroff, Matthias (KC-DD)" wrote in
    message
    news:A4987E8FC1C6CD44805DDE5676EE262E0109DAE5@w2km ail.konzern.intern...
    But it doesnt work.
    If they type in their user PrincipalName, i get an entry in my error log.
    (Specified realm `persona.de' not allowed by configuration)

    My /etc/krb.conf

    [libdefaults]
    default_realm = KONZERN.INTERN
    clockskew = 300

    [realms]
    KONZERN.INTERN = {
    kdc = w2kroot.konzern.intern
    default_domain = konzern.intern
    admin_server = w2kroot
    }

    [logging]
    kdc = FILE:/var/log/krb5kdc.log
    admin_server = FILE:/var/log/kadmin.log
    default = FILE:/var/log/krb5lib.log
    [domain_realm]
    .konzern.intern = KONZERN.INTERN

    [appdefaults]
    pam = {
    ticket_lifetime = 1d
    renew_lifetime = 1d
    forwardable = true
    proxiable = false
    retain_after_close = false
    minimum_uid = 0
    try_first_pass = true
    }

    -----Ursprüngliche Nachricht-----
    Von: Michael B Allen [mailto:mba2000@ioplex.com]
    Gesendet: Montag, 9. Oktober 2006 18:16
    An: Djihangiroff, Matthias (KC-DD)
    Betreff: Re: AW: AW: Anyone has an apache running with mod_auth_kerb AND
    mod_auth_ldap?

    Then it should work. Kerberos requires the userPrincipalName and not their
    "windowsusername" (aka sAMAccountName). Or am I missing something?

    Mike

    PS: I recommend steering this thread back onto the kerberos mailing list.

    On Mon, 9 Oct 2006 09:14:51 +0200
    "Djihangiroff, Matthias (KC-DD)" wrote:

    > The Users only use their usersPrincipalName
    > (Matthias.Djihangiroff@persona.de), not their
    > sAMAccountName(Matthias.Djihangirof).
    >
    >
    > -----Ursprüngliche Nachricht-----
    > Von: Michael B Allen [mailto:mba2000@ioplex.com]
    > Gesendet: Freitag, 6. Oktober 2006 18:04
    > An: Djihangiroff, Matthias (KC-DD)
    > Betreff: Re: AW: Anyone has an apache running with mod_auth_kerb AND
    > mod_auth_ldap?
    >
    > So what you're saying is that users do not know their userPrincipalName
    > and that they only know their sAMAccountName? For example, consider the
    > following domain:
    >
    > dnsRoot example.com
    > REALM EXAMPLE.COM
    > nETBIOSName EXAMPLE
    >
    > and the following example user account:
    >
    > userPrincipalName alice@EXAMPLE.COM
    > sAMAccountName abaker
    >
    > For kerberos to work with the above example one would need to use the UPN
    > alice@EXAMPLE.COM. But people are using abaker@EXAMPLE.COM or
    > abaker@EXAMPLE?
    >
    > You could split the name and do an LDAP search on sAMAccountName=abaker
    > for the userPrincipalName and then pass that to
    > krb5_get_init_creds_password.
    >
    > Mike
    >
    > On Fri, 6 Oct 2006 07:27:06 +0200
    > "Djihangiroff, Matthias (KC-DD)" wrote:
    >
    > >
    > > I just want to point out that you can use krb5_get_init_creds_password
    > > to do Basic so there's no reason to use LDAP at all <- The problem ist,
    > > that the loginname for a kerberos realm is realusername@KERBEROS.REALM.
    > > The users arent aware of their real windowsusername (it is limited for
    > > 21? Characters, so my name is matthias.djihangirof@KONZERN.INTERN).
    > >
    > > Our users are loggin in with their email-adress:
    > > firstname.lastname@windowsdomain (e.g
    > > matthias.djihangiroff@persona.de, look at the double ff in my
    > > lastname, its different to my kerberos name)
    > >
    > > If i try to type my email in the basic auth, mod_auth_kerb tries to
    > > get a ticket for matthias.djihangiroff@persona.de. But the realm
    > > persona.de doesnt exists (its konzern.intern) :-)
    > >
    > >
    > > -----Ursprüngliche Nachricht-----
    > > Von: Michael B Allen [mailto:mba2000@ioplex.com]
    > > Gesendet: Donnerstag, 5. Oktober 2006 17:09
    > > An: Djihangiroff, Matthias (KC-DD)
    > > Cc: kerberos@mit.edu
    > > Betreff: Re: Anyone has an apache running with mod_auth_kerb AND
    > > mod_auth_ldap?
    > >
    > > On Thu, 5 Oct 2006 08:03:51 +0200
    > > "Djihangiroff, Matthias (KC-DD)"
    > > wrote:
    > >
    > > > Hello,
    > > >
    > > > Anyone out there whos running an Apache with mod_auth_kerb and
    > > > mod_auth_ldap?
    > > > Im running an Apache with mod_auth_kerb perfectly.
    > > >
    > > > But we have users, which arent in our Windows AD, so they cant
    > > > load the websites protected through mod_auth_kerb.
    > > > Is it possible to fall back to mod_auth_ldap, so they can manualy
    > > > type in their login? (The Apache than check the user against the
    > > > LDAP).

    > >
    > > I don't know the answer to this (my understanding is that trying to
    > > stack mod_auth_* modules together is not practical) but I just want to
    > > point out that you can use krb5_get_init_creds_password to do Basic so
    > > there's no reason to use LDAP at all. In fact using LDAP as a make-shift
    > > authentication service is crude and insecure. Wether or not
    > > mod_auth_kerb can do it I have no idea.
    > >
    > > Mike
    > >
    > > --
    > > Michael B Allen
    > > PHP Active Directory SSO
    > > http://www.ioplex.com/
    > > ###########################################
    > >
    > > This message has been scanned by F-Secure Anti-Virus for Microsoft
    > > Exchange.
    > > For more information, connect to http://www.f-secure.com/
    > >

    >
    >
    > --
    > Michael B Allen
    > PHP Active Directory SSO
    > http://www.ioplex.com/
    > ###########################################
    >
    > This message has been scanned by F-Secure Anti-Virus for Microsoft
    > Exchange.
    > For more information, connect to http://www.f-secure.com/
    >



    --
    Michael B Allen
    PHP Active Directory SSO
    http://www.ioplex.com/
    ###########################################

    This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
    For more information, connect to http://www.f-secure.com/

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos




    --===============1508880337==
    Content-Type: text/plain; charset="us-ascii"
    MIME-Version: 1.0
    Content-Transfer-Encoding: 7bit
    Content-Disposition: inline

    ________________________________________________
    Kerberos mailing list Kerberos@mit.edu
    https://mailman.mit.edu/mailman/listinfo/kerberos

    --===============1508880337==--


+ Reply to Thread