Kerberos ticket access to MS Exchange

[Ken Hornstein]

>something that will eventually not work anyway.  The funny thing is, if you 
>are going to store passwords on your Microsoft AD server acting as a KDC, 
>then what is the point of having a KDC in the first place...in terms of 
>Microsoft authentication?  This is why I say that Microsoft uses Kerberos 
>just to appease the 'nix natives.  It certainly has little use in their own 
>products.

To be fair to Microsoft ... they do seem to use Kerberos in a number of
places.  E.g., their instant messaging protocol is Kerberized (I verified
that with a network sniffer).  From my conversations with Microsoft people,
the reason Exchange doesn't do GSSAPI-authenticate IMAP really seems to
be more tied up in lack of interest in the Exchange group (for what
reason, I dunno).

--Ken