Windows integrated logins with KfW 2.6.1 and XP.

hikari hikari at hikari.org.uk
Tue Apr 27 16:19:30 EDT 2004


Jeffrey Altman wrote:

> Please detail exactly what you have done.

	I've added the host and cifs principles (short version and FQDN) for 
the workstation to the KDC, with its password.  I've explicitly set the 
KDC and kpasswd servers in XP using ksetup; I was originaly trying it 
without them set and hoping XP would grab them using SRV queries (as 
Leash does).  I've also set the realm and the workstation's password 
with ksetup.  And I added a usermapping for chrisc at JM-CROWTHER.CO.UK to 
chrisc and blanket mapped all other principles to the guest account.

	ksetup on its own is currently showing the following as the config:

	default realm = JM-CROWTHER.CO.UK (external)
JM-CROWTHER.CO.UK:
         kdc = kerberos.jm-crowther.co.uk
         kpasswd = kerberos.jm-crowther.co.uk
         Realm Flags = 0x0 none
Mapping chrisc at JM-CROWTHER.CO.UK to chrisc.
Mapping all users (*) to guest.

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
     AllowTGTSessionKey is set to 1 in the registry (it was already set 
to that when I checked the registry).

-- 
hikari


More information about the Kerberos mailing list