kfw-4.1-beta3 is available
Tom Yu
tlyu at mit.edu
Tue May 24 17:57:26 EDT 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MIT Kerberos for Windows 4.1-beta3 is now available for download from
http://web.mit.edu/kerberos/dist/testing.html
The main MIT Kerberos web page is
http://web.mit.edu/kerberos/
Please send comments to the krbdev list.
Major changes in 4.1
=====================
These changes may also be found at
http://web.mit.edu/kerberos/kfw-4.1/kfw-4.1.html
Developer experience:
* KfW now uses the UI compiler uicc.exe, to support the transition from the MFC
ribbon to a native Windows ribbon. The uicc.exe found in Visual Studio 2010
is insufficient; Service Pack 1 is required.
Administrator experience:
* The default realm for KfW can be set in the registry; this setting takes
precedence over the default realm set in krb5.ini.
End-user experience:
* ms2mit.exe behavior has changed to improve the MSLSA: cache experience
for UAC-restricted login sessions on an AD domain that runs ms2mit.exe
in login scripts:
- If the TGT is accessible in the LSA ccache, copy the LSA ccache to
the API ccache.
- Set the registry key for the default ccname to "API:" if the copy
occurred, or to "MSLSA:" if it didn't occur.
* The support for the MSLSA: cache type has been greatly improved, making
better use of the native LSA operations. This should improve the user
experience at elevated UAC levels.
* The Ribbon interface has been switched from the MFC to the native
implementation, improving accessibility for screen-reading software.
* Registry entries are set for the KdcNames of certain Kerberos realms; such
entries are needed for the LSA to retrieve tickets from non-AD realms.
* A message is displayed on successful password change.
* Updates from the 1.11, 1.12, and 1.13 krb5 release notes are also applicable
here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBAgAGBQJXRM5GAAoJEKMvF/0AVcMFcQYL/jt2S/0jHWwAXo04jM88LPQf
OWoZr8FWksslMpiFyHqKA7aB3HSaJZQc7ieuZ/SrkU8czlu2oMNM3NKjEdGrUePK
EjQDd/hw7XIXgzNGWqq1QHFlVP6TayaWB4hAegfNhgBbtLtBHg7E6kjTSMaca1KF
bTJGbvKO5d2KGjBgU02rfc5JzRkrRHmSIFHTD6I3zdqyywHRhc1fPSWyq1nVeft1
6nhTQONsz8bJub54FpTEWSNvEa+i8GIiOidoiZmZY4KYx6uynuJeF+lT00TJHF28
eBhSxcOk/iIAKxU9F8hSNimVdi6GoXwgdkYZJJKztZA5ns+shFvwBOmwTenM/SdI
grzGmsh/J4FRSHNmk9dHGnlt4zhQebxhxMRdRHrZlAxliUeLnLhP0TrehzF0FXj7
VtLYUWlv1onmyjcDjwZn6p8T5rDGMEbNiyMgy+aQ7FXW4cCWZQOMmBqqDOLlfrV4
AZ/0kNPLEtKvwAu9bK/Vyh4K7fGq3AzzMxiXA5usOg==
=NWXd
-----END PGP SIGNATURE-----
More information about the Kerberos
mailing list