KFW vs Microsoft Windows XP SP2
Jeffrey Altman
jaltman at columbia.edu
Mon Aug 9 17:31:12 EDT 2004
As a reminder for all users of MIT Kerberos for Windows who import
tickets from the Microsoft Windows Logon Session Cache. Windows XP SP2
locks down the machine to prevent the exporting of Kerberos TGT session
keys unless you instruct Windows to do otherwise.
MIT KFW 2.6.4 will automatically set the appropriate key. It is
recommended that KFW 2.6.4 be used on Windows XP SP2. However,
if you must use an earlier version you will have to set the following
value in the registry:
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos
AllowTGTSessionKey = 0x01 (DWORD)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3256 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20040809/6774c068/attachment.bin
More information about the Kerberos
mailing list