Vista / UAC

Jeffrey Altman jaltman at
Thu Mar 1 10:25:33 EST 2007

Tim Alsop wrote:
> Jeffrey,
> Is UAC enabled on your Vista workstation ?
Yes.  If I login with an account that is a member of the administrators
group, UAC is triggered.
> Perhaps we need to use a different LSA function to get the session key,
> compared to how we do it in the code which works on XP ? Is the code
> accessing session key the MIT kerberos library ? Also, I assume that
> kermit is using the MIT gss on Windows to access credentials so there is
> nothing in kermit which is special.
Kermit is using the KFW GSS-API library using the MSLSA: ccache type.
> Can you also confirm that you are using RC4 keys for service tickets ?
> We are using RC4 session keys.
This particular case is not using RC4-HMAC.  Not that it would make a

I can store arbitrary service tickets into the MSLSA: and read them back
without issue.

Jeffrey Altman
Secure Endpoints Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the krbdev mailing list