[THIN] Re: citrix pass-through authentication with MIT Realm ?
- From: Lara Adianto <m1r4cle_26@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Tue, 24 Aug 2004 18:55:59 -0700 (PDT)
The reason is because we don't want to store credentials in AD. We have done
windows authentication with external MIT KDC, and therefore would like to do
the same with citrix. In that way, there will be no duplication of credentials.
How can I know whether citrix uses DNS properly or not ?
-lara-
Chris Lynch <lynch00@xxxxxxx> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I'm not aware of any way to accomplish this. Unless you have a SAMBA
server in place. But, with the latest version of SAMBA, you can only
use NTLM authentication, not Kerberos.
And what is your reason for not wanting to use AD? (not that I
really want to open a can of worms, but just asking)
Chris
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]
On Behalf Of Lara Adianto
Sent: Monday, August 23, 2004 11:52 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] citrix pass-through authentication with MIT Realm ?
Hello,
Has anyone ever tried citrix client pass through authentication to
external MIT KDC instead of to the windows domain where the citrix
server actually belongs to ? Let's say that a user uses his/her
external MIT realm credential to login to a windows xp machine, which
is a citrix metaframe xp presentation server 3.0 client. We would
like to make use of pass-through authentication feature when the user
wants to access the shared applications so that the user doesn't need
to reenter his/her credential in windows AD (we don't want to make
use or even store user credentials in AD anyway).
In my opinion, it should be possible to authenticate with external
MIT realm as long as the server is able to resolve the address of
external MIT realm. Through ethereal, i can see that the server is
trying to resolve the MIT.REALM.COM (that's the external MIT Realm)
using NBNS. I tried to tell the citrix server to use DNS instead, by
'enabling XML service DNS address resolution' in the metaframe xp
settings of the farm but it still sends queries using NBNS
Is it actually possible to get pass-through authentication to work
using external MIT realm tickets ?
Thanks,
lara
- ----------------------------------------------------------------------
- --------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
- ----------------------------------------------------------------------
- --------------
________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail
com/new_mail/static/efficiency.html> - 100MB free storage!
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3
Comment: Public PGP Key for Chris Lynch
iQA/AwUBQStTlG9fg+xq5T3MEQLHZwCfSH4vHSGlAlFqWrcUYIS42Ov8yl0An0yc
VBnCSiBTOkeqHW6UajXcO62u
=LWs9
-----END PGP SIGNATURE-----
********************************************************
This Weeks Sponsor RTO Software
Do you know which applications are abusing your CPU and memory?
Would you like to learn? -- Free for a limited time!
Get the RTO Performance Analyzer to quickly learn the applications,
users, and time of day possible problems exist.
http://www.rtosoft.com/enter.asp?id=320
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy
de Maupassant -
------------------------------------------------------------------------------------
---------------------------------
Do you Yahoo!?
Win 1 of 4,000 free domain names from Yahoo! Enter now.
Other related posts:
