Vista / UAC
Jeffrey Altman
jaltman at secure-endpoints.com
Thu Mar 1 10:25:33 EST 2007
Tim Alsop wrote:
> Jeffrey,
>
> Is UAC enabled on your Vista workstation ?
Yes. If I login with an account that is a member of the administrators
group, UAC is triggered.
> Perhaps we need to use a different LSA function to get the session key,
> compared to how we do it in the code which works on XP ? Is the code
> accessing session key the MIT kerberos library ? Also, I assume that
> kermit is using the MIT gss on Windows to access credentials so there is
> nothing in kermit which is special.
Kermit is using the KFW GSS-API library using the MSLSA: ccache type.
> Can you also confirm that you are using RC4 keys for service tickets ?
> We are using RC4 session keys.
>
This particular case is not using RC4-HMAC. Not that it would make a
difference.
I can store arbitrary service tickets into the MSLSA: and read them back
without issue.
Jeffrey Altman
Secure Endpoints Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20070301/55af8cc1/attachment.bin
More information about the krbdev
mailing list