[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

w2k not happy with 0.7

To: heimdal-discuss@sics.se
Subject: w2k not happy with 0.7
From: Björn Sandell <biorn@chalmers.se>
Date: Sat, 11 Mar 2006 08:01:13 +0100
Sender: owner-heimdal-discuss@sics.se


Hi,

We just noticed that Windows 2000 can't get tickets from a heimdal
0.7.1 or 0.7.2 kdc. It sends a AS-REQ but doesn't seem to care much for
the reply it gets. We are using pre auth and my present theory is that
windows 2000 gets upset by the PA-PK-AS-REQ it gets as, according to
http://security.zhwin.ch/Kerberos_PKINIT.pdf, a w2k kdc never send a
PA-PK-AS-REQ but sticks to PA-PK-AS-REP. Unfortunately, I don't have
access to such a kdc.

Has anyone else seen this? Any suggestions for fixes or workarounds?

-- 
Bjorn Sandell               Chalmers University of Technology
IT Services       www.ita.chalmers.se      +46 (0)31 772 1000

Prev by Date: Re: zephyr
Next by Date: Heimdal 0.7.2 with mod_auth_kerb 5.0rc7
Prev by thread: man pages
Next by thread: Heimdal 0.7.2 with mod_auth_kerb 5.0rc7
Index(es):
- Date
- Thread