TGS-REQ and PA-TGS-REQ
Joey Collins
phish-jc at charter.net
Mon Nov 4 23:57:27 EST 2002
Hi, I have a forwardable ticket-granting-ticket from a client system C1
on my server (S1). I'm attempting to jinn up a TGS-REQ message on S1
(which will be sent to the KDC) to request a service ticket to a 3rd
machine (S2) from the KDC on behalf of the client using the forwardable
tgt. i.e.:
C1 -> S1 -> S2
|
|
V
KDC
The padata[3] field is confusing me--do I need to first request a
service ticket from the KDC for S1 <--> KDC then put it in padata? Or,
do I put the forwardable ticket-granting-ticket in padata[3]?
additional-tickets[11] seems like the right place for the forwardable
tgt, is this correct?
thanks for the help.
Joey.
More information about the Kerberos
mailing list