Multiple domain referral patch and Kerberos 1.31
Sam Hartman
hartmans at MIT.EDU
Wed Sep 24 20:08:30 EDT 2003
>>>>> "Kevin" == Kevin Coffman <kwc at citi.umich.edu> writes:
Kevin> No referral is issued unless the client sets the
Kevin> KDC_OPT_NAME_CANONICALI ZE option flag in the TGS request.
Kevin> So a client should never get a referral that is unexpected.
Ah, so this doesn't implement the closest domain referal for krbtgt
described in RFC 1510?
I would sort of have assumed you'd do that if you were implementing
the Microsoft option.
More information about the Kerberos
mailing list