[Ovirt-devel] oVirt console (again!)
Richard W.M. Jones
rjones at redhat.com
Tue Nov 11 16:09:45 UTC 2008
On Tue, Nov 11, 2008 at 04:48:04PM +0100, Gerd Hoffmann wrote:
> Gerd Hoffmann wrote:
> > Richard W.M. Jones wrote:
> >> The problem, as ever, is with Windows. It's hard to set up a Windows
> >> client as a Kerberos client, so this won't just work.
>
> > Might be worth talking to the freeipa/samba folks maybe whenever it is
> > possible to make windows play nice here?
>
> Some doc reading and experiments later ...
>
> With MIT Kerberos for Windows installed the Windows machine can
> authenticate against freeipa. Setup is pretty straight forward and
> described at the freeipa website.
>
> Requires that the applications support gssapi though. Firefox can
> handle both ways (sspi == native windows with ADC, gssapi == MIT).
>
> To get the WUI on a windows box this must be setup anyway. Then have
> libvirt auth via MIT-gssapi too should work nicely and probably without
> too much coding effort as gssapi at linux code is there already ...
I've been banging my head against NSS/NSPR all morning, so crypto
libraries & Mozilla are both generally driving me around the bend :-(
However last weekend I did find that someone has ported a part of
Cyrus SASL to Windows. Good news that at least it's possible!
Unfortunately bad news that there's no source for their port (so we'll
have to recreate the techniques) and I suspect that it's only a
partial port and key bits may be missing. Not looked into it in great
detail yet, but the binary is here:
http://developer.pidgin.im/wiki/BuildingWinPidgin
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
Read my OCaml programming blog: http://camltastic.blogspot.com/
Fedora now supports 68 OCaml packages (the OPEN alternative to F#)
http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora
More information about the ovirt-devel
mailing list