Kerberos Tickets flushed on unlocking Windows Xp?

Jeffrey Altman jaltman at secure-endpoints.com
Tue Jan 20 08:36:40 EST 2009


Rahul Kohli wrote:
> Hi,
>  
> I am facing a strange issue with Kerberos authentication on my Windows XP system. I noticed that on lock and unlock Windows XP system all the kerberos TGT and service tickets get deleted and recreated.
>  
> Is this a Known feature or defect ? Please let me know when does these kerberos tickets get flushed on the lock, or the unlock? 
>  
> Is there a patch/fix available for this behavior? Can the default locl/unlock behavior be changed for kerberos.
>  
> Thanks,
> Rahul
>
During the unlock XP is re-authenticating the user against the KDC. 
This results in a new TGT being obtained which replaces any previously
cached tickets.  This is a fairly standard behavior across Kerberos
implementations.

What is the problem that you are experiencing from this behavior?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20090120/f26b7fdb/attachment.bin


More information about the Kerberos mailing list