With the recent changes to the Kerberos Credentials Cache, my service on Windows 2000 is now broken. Without being able to use impersonation, how do I allow a Windows 2000 service to perform Kerberos/GSS operations on behalf of other users? Thanks in advance, Mike.