SASL binding with SSL encryption
Ryan Lynch
ryan.b.lynch at gmail.com
Tue Oct 27 11:13:54 EDT 2009
On Tue, Oct 27, 2009 at 01:56, Xu, Qiang (FXSGSC)
<Qiang.Xu at fujixerox.com> wrote:
> Still, in testing against AD in Windows 2003 Server (or Windows 2000 Server), the binding result is good and bad alternatively, exhibiting a pingpong style. In contrast, if I do the same test against AD in Windows 2008 Server, the binding is always good.
A suggestion, from my past experiences: Have you confirmed that your
"ping-pong" results are always coming from the same AD domain
controller? If not, try tracing the packet traffic, or just increasing
your client-side debug verbosity. If the success vs. failure results
can be correlated to different DCs, this may be a configuration issue
on one of your DCs.
-Ryan
More information about the Kerberos
mailing list