The Kerberos 2000 service is a service for allowing MIT developers to test business applications which rely on Kerberos for Y2K compliance.
Note: These directions are still under constructions. As such, some platform information is still not filled in. The basic directions should be correct, though.
In order to use the Kerberos 2000 service, both the administrative client and server machines must be running in the Kerberos-2000 universe.
In order to set up a server machine, send mail to tytso@mit.edu with the name of the machine, so it can be added to the Kerberos-2000 server. Next, get and compile the gettime program, and install it on your system. Run the command gettime -s kerberos-2000.mit.edu to set the server's clock. Arrange (via crontab) to run the command gettime -s kerberos-2000.mit.edu once an hour, on the hour.
In order to set up a client machine, it will also need to have its time set to match Kerberos-2000. For Unix machines, this can be done using the gettime program. For Windows and Macintosh clients, this can be done either manually, or by setting the timeserver to be kerberos-2000.mit.edu. (More detailed information will follow as I gather it.)
On both the client and server machines, the appropriate Kerberos configuration files need to be edited so that KERBEROS-2000.MIT.EDU is the first (and only) Kerberos server for the ATHENA.MIT.EDU realm. (Information for this varies from platform to platform; more information will be later....)
Customers and potential customers of the Kerberos 2000 are encouraged to subscribe to the Kerberos 2000 mailing list, krb-y2k@mit.edu. This list will contain discussions about how to best use the Kerberos 2000 testing service, and how the testing schedule for the Kerberos-2000 server will be structured.