Support of non-ASCII username/password in KDC of Win2000 server
Tay, William
William.Tay at usa.xerox.com
Fri Aug 8 11:50:58 EDT 2003
Hi,
I have a question about Kerberos authentication against a KDC on a Win 2000
server, using non-ASCII username/password. The non-Windows client that I use
is kinit.
First, I tried to insert the following pairs of username/password in
sequence into the Kerberos KDC of the Win 2000 server:
a. username=decu; password=decu1
b. username=decu; password=decu2
c. username=decu; password=decu3
d. username=decu; password=decu4
Apparently, the database is recognizing decu, decu, decu and decu as the
same string. Hence the pairs in b, c and d cannot be created; it claimed the
username already existed.
2. Thinking that decu could be transformed into decu and that username has
to be unique, I tried to only create a pair of username=decu and
password=decu. Then verified the hypothesis by invoking kinit with
username=decu and password=decu. Result failed.
3. Creating only username=decu and password=decu in the KDC, the
authentication was successful.
Is it true that Windows KDC does not support non-ASCII username/password?
Thanks.
Will
More information about the krbdev
mailing list