Windows Authorization Data in Kerberos Tickets

Nagaraj Shyam Nagaraj_Shyam at
Thu Dec 13 13:47:59 EST 2007


Hi All,

I am trying to decode the authorization data in kerberos tickets issued
by Microsoft's Active Directory KDC.  Of course the server machine is a
non windows machine (Linux in my case). I see some things I cant

e.g. if a user belongs to multiple groups, the "GroupCount" field doesnt
in the ticket, even if I add/remove the groups to which the user
I do the reboot, and kinit for the user again so, I get a fresh ticket.
The field I am referring to is in the tech doc at:

- have the developers on the list been successful in decoding the
- is this something of interest to the developers on the list or totally
off topic?

sorry about the spammage if it is the later case.  I did see some thread
about Microsoft ticket extensions on this list in the archives.


More information about the krbdev mailing list