dir
Heimdal is an implementation of Kerberos 5 (and some more stuff) originally developed in Sweden (which was important when the project started, less so now). It is freely available under a three clause BSD style license.
Secure Endpoints, Inc. ported Heimdal to the Microsoft Windows operating system platform as a replacement for MIT's Kerberos for Windows which has not been updated in several years. The Secure Endpoints' Heimdal distribution consists of several components:
The following table is a comparison
Feature | Heimdal 7.4 | MIT Kerberos 3.2.2 |
Supported Operating System versions | Windows Vista, Server 2008, Windows 7, Server 2008 R2, Windows 8.x, Windows 10.x Server 2016 | Windows 2000, Server 2000, Windows XP, Server 2003, Server 2003 R2 |
Supported CPU Architecture | i386 and AMD64 | i386 officially supported; AMD64 only from Secure Endpoints |
Installer architecture | MSI | 32-bit EXE and MSI |
Number of installers required for 64-bit Windows | One installer combines both 64-bit and 32-bit components | not officially supported; separate installers required for both 64-bit and 32-bit components when obtained from Secure Endpoints |
Supports OpenAFS rxgk security class | Yes, includes support for GSS-API Pseudo-random function | No |
MIT API Credential Cache v2 | Yes, via a plug-in | Yes |
Microsoft LSA Credential Cache | Yes, via a plug-in | Yes |
FILE Credential Cache | Yes | Yes |
MEMORY Credential Cache | Yes | Yes |
Credential Cache Plug-in Mechanism | Yes | No |
kadmin utility | Yes | No |
Keytab Utility | Yes | No |
Kswitch Utility | Yes | No |
KDC Support | Not included in installers but can be built from source code | No |
GSS-API Library | Yes | Yes |
Kerberos v5 Library | Yes | Yes |
Kerberos v4 Library | No | Yes (32-bit only) |
Kerberos 524 conversion | No | Yes |
Side-by-side Assembly | Yes, multiple versions of Heimdal can be present on the machine at the same time without breaking applications | No, all applications must use the same version |
Network Provider Logon integration | No, existing credential caches do not support storage of Kerberos credentials before the logon session is created | Yes, but it is incompatible with Windows Vista, Server 2008 and beyond |
Supported by applications linked against the Secure Endpoints Kebreros Compatibility SDK 1.0 | Yes | Yes |
Credential Manager User Interface | No, Network Identity Manager v2 is available separately | Network Identity Manager v1.3.1 included; v2 is available as an upgrade |
Ohloh provides a side-by-side comparison of the two development projects. The MIT numbers include Network Identity Manager v1.3.1.
Heimdal 7.4 was released on 11 July 2017. The full version number is 7.4.0.40. The installers are digitally signed by "Secure Endpoints Inc.".
Heimdal 1.5.1 was released on 30 September 2011. The full version number is 1.5.100.930. The installers are digitally signed by "Secure Endpoints Inc.".
This page was last updated 10/02/11