Application Server and KDC share some information like Service Tktkey?

Surendra Babu A surendra.a at samsung.com
Fri Dec 30 04:09:46 EST 2005


Hello,

Thank you for the reply.

So Microsoft's SMTP support within Exchange doesn't support Kerberos. OK.
Thank you for the information.

Could you please let me know which mail server supports Kerberos in Windows
2000/XP? Or do you have any idea about mail servers which support Kerberos?


Thanks a lot in advance,
-Surendra



----- Original Message ----- 
From: "Paul B. Hill" <pbh at MIT.EDU>
To: "'Surendra Babu A'" <surendra.a at samsung.com>
Sent: Thursday, December 29, 2005 3:19 AM
Subject: RE: Application Server and KDC share some information like Service
Tktkey?


> Hello,
>
> An Exchange server does not include KDC functionality. An Exchange server
> will never issue a ticket. A Windows 2000 or 2003 Domain Controller does
> include KDC functionality.
>
> No version of Exchange server support Kerberos authentication when using
> either POP3 or IMAP protocols. Exchange only offers Kerberos support when
> using the MAPI interfaces. This means that Exchange will only support
> Kerberos authentication for Outlook clients (within the same Windows
domain)
> and OWA.
>
> Microsoft's SMTP support within Exchange doesn't support Kerberos the last
> time I looked.
>
> What SMTP server are you using and has it been compiled with Kerberos
> support? If it has not been compiled with Kerberos support creating a
keytab
> for the server will not do any good.
>
> Paul
>
> -----Original Message-----
> From: kerberos-bounces at MIT.EDU [mailto:kerberos-bounces at MIT.EDU] On Behalf
> Of Surendra Babu A
> Sent: Wednesday, December 28, 2005 1:17 AM
> To: Douglas E. Engert
> Cc: kerberos at mit.edu
> Subject: Application Server and KDC share some information like Service
> Tktkey?
>
> Hi Douglas,
>
> Could you please clarify the following issue? I am working on Kerberos
> Server Authentication feature and using the Windows 2000 Exchange server
as
> the KDc server and SMTP server as the Application server.
>
> My aim: Server authentication should be done.
>
> Clarification on "Service Ticket Key":
>
> http://www.xml-dev.com/blog/index.php?action=viewtopic&id=21
> In the above link, the 4th and 5th steps are little confusing for me.
>
> 1. In the 3rd step, KDC sends the Service Tkt encrypted with the "Service
> Tkt Key". and etc.
>
> 2. In the 4th step, Client sends the  same Service Tkt key and
authenticator
> to the Application server. That means, the KDC and Application server
should
> agree on one "Service Ticket key". That means, there should be some
> communication between KDC and Application server. Right? How to configure
> the same with the Application server? Could you please let me know the
same?
>
> Thank you,
> -Surendra
>
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
>




More information about the Kerberos mailing list