Kerberos Tickets flushed on unlocking Windows Xp?
Jeffrey Altman
jaltman at secure-endpoints.com
Tue Jan 20 08:36:40 EST 2009
Rahul Kohli wrote:
> Hi,
>
> I am facing a strange issue with Kerberos authentication on my Windows XP system. I noticed that on lock and unlock Windows XP system all the kerberos TGT and service tickets get deleted and recreated.
>
> Is this a Known feature or defect ? Please let me know when does these kerberos tickets get flushed on the lock, or the unlock?
>
> Is there a patch/fix available for this behavior? Can the default locl/unlock behavior be changed for kerberos.
>
> Thanks,
> Rahul
>
During the unlock XP is re-authenticating the user against the KDC.
This results in a new TGT being obtained which replaces any previously
cached tickets. This is a fairly standard behavior across Kerberos
implementations.
What is the problem that you are experiencing from this behavior?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20090120/f26b7fdb/attachment.bin
More information about the Kerberos
mailing list