Changes between Version 28 and Version 31 of Ticket #529


Ignore:
Timestamp:
12/28/12 04:22:04 (11 years ago)
Author:
mitchb
Comment:

krb4 is disabled. The PO servers are fixed. Webmail is fixed. Citrix has a new alternative. outgoing is still broken.

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #529 – Description

    v28 v31  
    77This works out fine from a Kerberos client perspective: 
    88 
    9  * kinit -5, kinit -45, and krb524init all work, which allows me to use any Kerberized service as normal, including krb4 Zephyr and krb4 IMAP. 
    10  * kinit -4 no longer works (kinit(v4): Kerberos principal unknown), which is expected because Kerberos IV can only use a single-DES key to encrypt my TGT.  But that is okay because kinit -45 or krb524init replace this functionality. 
     9 * kinit -5, ~~kinit -45, and krb524init all~~ works, which allows me to use any Kerberized service as normal~~, including krb4 Zephyr and krb4 IMAP~~. '''krb4 is now effectively disabled''' 
     10 * kinit -4 no longer works (kinit(v4): Kerberos principal unknown), which is expected because Kerberos IV can only use a single-DES key to encrypt my TGT.  ~~But that is okay because kinit -45 or krb524init replace this functionality.~~ '''krb4 is now effectively disabled''' 
    1111 * aklog and AFS works fine. 
    1212 
     
    1414 
    1515 * ~~[https://ca.mit.edu/ca/ ca.mit.edu] does not allow me to generate a new MIT certificate.~~  '''FIXED.''' 
    16  * The PO servers do not allow me to log in over IMAP using a password.  (Kerberized IMAP still works.)  I receive this error using imtest: 
     16 * ~~The PO servers do not allow me to log in over IMAP using a password.  (Kerberized IMAP still works.)  I receive this error using imtest:~~ '''FIXED.''' 
    1717{{{ 
    1818$ imtest -s -m login andersk.mail.mit.edu 
     
    2525Authentication failed. generic failure 
    2626}}} 
    27  * I cannot log in to [https://webmail.mit.edu/ Webmail], presumably as a consequence of the above: “Login failed.” 
     27 * ~~I cannot log in to [https://webmail.mit.edu/ Webmail], presumably as a consequence of the above: “Login failed.”~~ '''FIXED.''' 
    2828 * ~~I cannot log in to [https://idp.mit.edu/idp/Authn/UsernamePassword Touchstone] services using a password (though certificate and Kerberos authentication still work): “Error: Please enter a valid username and password.  Click help for assistance.”~~  '''FIXED.''' 
    2929 * ~~[https://owa.exchange.mit.edu/ Outlook Web Access] works fine.~~ 
    3030 * ~~I cannot log in to the [https://vpn.mit.edu/ MITnet VPN] (vpn.mit.edu): “Login error.”~~  '''FIXED.''' 
    3131 * ~~I cannot log in to [https://mit-mailsec-cc.mit.edu:41443/brightmail Brightmail]: “Invalid user name or password. Please try again.”~~  '''FIXED.''' 
    32  * I cannot log in to Windows after starting the Citrix ICA Client from [https://citrix.mit.edu/Citrix/MetaFrameXP/frameset.jsp Citrix MetaFrame XP]: “The system could not log you on.  Make sure your User name and domain are correct, then type your password again.  Letters in passwords must be typed using the correct case.” 
     32 * I cannot log in to Windows after starting the Citrix ICA Client from [https://citrix.mit.edu/Citrix/MetaFrameXP/frameset.jsp Citrix MetaFrame XP]: “The system could not log you on.  Make sure your User name and domain are correct, then type your password again.  Letters in passwords must be typed using the correct case.”  '''The new citrixapps.mit.edu works, however.''' 
    3333 * ~~I cannot log in to the MIT SECURE wireless network:~~ 
    3434 * outgoing(-auth) does not accept passwords auth from principals with strong keys, though it does accept GSSAPI auth, much as the PO servers.  Can be tested with