kfw-4.1-beta3 is available

Tom Yu tlyu at mit.edu
Tue May 24 17:57:26 EDT 2016 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MIT Kerberos for Windows 4.1-beta3 is now available for download from

         http://web.mit.edu/kerberos/dist/testing.html

The main MIT Kerberos web page is

         http://web.mit.edu/kerberos/

Please send comments to the krbdev list.

Major changes in 4.1
=====================
These changes may also be found at

    http://web.mit.edu/kerberos/kfw-4.1/kfw-4.1.html

Developer experience:

* KfW now uses the UI compiler uicc.exe, to support the transition from the MFC
ribbon to a native Windows ribbon. The uicc.exe found in Visual Studio 2010
is insufficient; Service Pack 1 is required.

Administrator experience:

* The default realm for KfW can be set in the registry; this setting takes
precedence over the default realm set in krb5.ini.

End-user experience:

* ms2mit.exe behavior has changed to improve the MSLSA: cache experience
  for UAC-restricted login sessions on an AD domain that runs ms2mit.exe
  in login scripts:

  - If the TGT is accessible in the LSA ccache, copy the LSA ccache to
    the API ccache.

  - Set the registry key for the default ccname to "API:" if the copy
    occurred, or to "MSLSA:" if it didn't occur.

* The support for the MSLSA: cache type has been greatly improved, making
better use of the native LSA operations. This should improve the user
experience at elevated UAC levels.

* The Ribbon interface has been switched from the MFC to the native
implementation, improving accessibility for screen-reading software.

* Registry entries are set for the KdcNames of certain Kerberos realms; such
entries are needed for the LSA to retrieve tickets from non-AD realms.

* A message is displayed on successful password change.

* Updates from the 1.11, 1.12, and 1.13 krb5 release notes are also applicable
here.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQGcBAEBAgAGBQJXRM5GAAoJEKMvF/0AVcMFcQYL/jt2S/0jHWwAXo04jM88LPQf
OWoZr8FWksslMpiFyHqKA7aB3HSaJZQc7ieuZ/SrkU8czlu2oMNM3NKjEdGrUePK
EjQDd/hw7XIXgzNGWqq1QHFlVP6TayaWB4hAegfNhgBbtLtBHg7E6kjTSMaca1KF
bTJGbvKO5d2KGjBgU02rfc5JzRkrRHmSIFHTD6I3zdqyywHRhc1fPSWyq1nVeft1
6nhTQONsz8bJub54FpTEWSNvEa+i8GIiOidoiZmZY4KYx6uynuJeF+lT00TJHF28
eBhSxcOk/iIAKxU9F8hSNimVdi6GoXwgdkYZJJKztZA5ns+shFvwBOmwTenM/SdI
grzGmsh/J4FRSHNmk9dHGnlt4zhQebxhxMRdRHrZlAxliUeLnLhP0TrehzF0FXj7
VtLYUWlv1onmyjcDjwZn6p8T5rDGMEbNiyMgy+aQ7FXW4cCWZQOMmBqqDOLlfrV4
AZ/0kNPLEtKvwAu9bK/Vyh4K7fGq3AzzMxiXA5usOg==
=NWXd
-----END PGP SIGNATURE-----

More information about the Kerberos mailing list