Can IIS be made to work with a foreign Kerberos realm ?

Tim Alsop Tim.Alsop at CyberSafe.Ltd.UK
Thu Oct 16 06:13:27 EDT 2003


We are trying to make IIS use a foreign realm for authentication purposes.
Currently we have used ksetup on client to authenticate the user at login
using our KDC (not Active Directory). When we start browser to point to IIS
page a service ticket is issued (HTTP/hostname.domain at REALM) and sent to
IIS. The problem we have is knowing how to make IIS accept this security
context. Clearly IIS does not use a keytab, so how does it get a
key/password to accept the security context from browser ?
Thanks, Tim.




More information about the Kerberos mailing list