X-CACHECONF in cache type 0504
Greg Hudson
ghudson at MIT.EDU
Thu Nov 18 13:56:41 EST 2010
On Thu, 2010-11-18 at 13:27 -0500, Tim Alsop wrote:
> How do you explain this extra cache entry if Active Directory is being
> used, which is not supporting FAST ?
We write that config entry if the encrypted padata response from the KDC
contains a padata element of type 136 (PA-FX-FAST).
When I kinit against an old MIT KDC, or against the AD 2003 KDC we have
here, the code does not see such a padata element and does not write the
config entry. Without further investigation on your end, I cannot
explain why you are seeing the config entry in your tests.
More information about the krbdev
mailing list