KDC reachable API or KDC no-op proto transaction?

[Jeffrey Altman]

The only thing you can do is attempt to perform a probe via a TGS_REQ.
I suggest you use a principal name which indicates the purpose of the
query and the product.



swbell wrote:
> I am working on a product feature that helps the user diagnose problems when
> communicating with Active Directory.  One problem that users have is when
> they remove domain controllers manually, and end up leaving faulty
> _kerberos._udp.domain.xxx records in their DNS.
> 
> Is there any API or no-op protocol exchange that can be performed to see if
> a KDC is reachable?
> 
> This API would be used to log info into a system log, or provide UI feedback
> to a user that is checking domain connectivity.
> 
> 
> 

-- 
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu