Windows Server Referral Problem

Jeffrey Altman jaltman at secure-endpoints.com
Sun Sep 2 23:22:17 EDT 2007


Markus Moeller wrote:
> Thomas,
>
> thank you for the pointer. I found my problem and it was related to having a 
> duplicated entry in another domain (uat.example.com) which I forgot about. I 
> had
>
>
>                        EXAMPLE.COM
>                       /                    |      \
>                      /                     |        \
> TEST.EXAMPLE.COM     |       PROD.EXAMPLE.COM
>                                            |
>                                    UAT.EXAMPLE.COM
>
> So when a client in prod.example.com was looking for 
> HTTP/server2.example.com the request was send to PROD.EXAMPLE.COM which 
> checked if EXAMPLE.COM knew about ONE entry and in this case there were more 
> than one entry available which forced PROD.EXAMPLE.COM to return unknown 
> principal.  ( At least that is what I think happened )
>
> Does anybody know a link from Microsoft how the sever referrals work ?  It 
> doesn't seem to follow the draft.
>
> Thank you
> Markus
Markus:

The Microsoft referrals extensions date back to 1999.  You will need to
a copy of the draft that dates back to that time frame.

Jeffrey Altman


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20070902/5b44a4a4/attachment.bin


More information about the Kerberos mailing list