The following message was sent to the IT Exchange listserv earlier this month.
You are receiving this message because you may be affected by MSU’s project to update its Kerberos authentication software. In June 2012, Libraries, Computing and Technology (LCT) will be upgrading the Kerberos authentication software to the current release of MIT Kerberos. The version we are currently using at MSU supports backward compatibility to version 4 of the Kerberos protocol. After this upgrade, backward compatibility to Kerberos version 4 will no longer be supported.
The main reasons for upgrading to Kerberos 5 include:
The impact of dropping backward compatibility support for Kerberos 4 is that any applications using Kerberos 4 for authentication will no longer be able to authenticate. One of the applications currently using Kerberos 4 is the AIS-provided D6501 authentication software which is used by numerous applications in the AIS and Public Web Server environments.
If you are responsible for an application that uses D6501 for authentication, it will need to be converted to use Sentinel for authentication. To determine if your application is using D6501 for authentication and needs to be converted to use Sentinel, view examples of the login URL for Sentinel versus D6501 application authentication. If you identify a web application that needs to be upgraded to Sentinel, please submit your information using the online form and LCT staff will help you with the process.
Additionally, if you have an application that is written to use Kerberos 4 directly for authentication, you will need to update it to use Kerberos 5.
If you have any questions, please do not hesitate to contact the AIS Help Desk at (517) 884-3000.
From the AIS Service Desk on behalf of the Kerberos Upgrade Project Team