SSO Fails on XP SP2
Markus Moeller
huaraz at moeller.plus.com
Mon Jul 30 14:52:11 EDT 2007
You might need this:
"This new feature has been seen in Windows 2003 Server, Windows 2000 Server
SP4, and Windows XP SP2. We assume that it will be implemented in all
future Microsoft operating systems supporting the Kerberos SSPI. Microsoft
does work closely with MIT and has provided a registry key to disable this
new feature.
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters
AllowTGTSessionKey = 0x01 (DWORD)On Windows XP SP2 the key is specified as
HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos AllowTGTSessionKey =
0x01 (DWORD)"as described here
http://web.mit.edu/kerberos/kfw-2.6/kfw-2.6.5/relnotes.html#mslsa
Regards
Markus
"Miguel Sanders" <miguelsanders at telenet.be> wrote in message
news:1185818694.532130.67160 at g4g2000hsf.googlegroups.com...
> Dear all
>
> I don't know whether or not I should post this here or in
> microsoft.xp.client but I will do both.
> After successfully implementing a cross realm trust between AD and a
> UNIX realm, it seems that the clients that user SP1 can successfully
> have SSO to the UNIX machine whereas the SP2 people can't. Can anyone
> help me out, since I am not a Windows expert :-)
> The tool I use for SSO on the Windows clients is Vintella Putty 0.60
> q1.129.
>
>
> Kind regards
>
>
> Miguel
>
> ________________________________________________
> Kerberos mailing list Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
More information about the Kerberos
mailing list