Oracle ODP.NET use of MIT KfW
scot.mckinley at oracle.com
Fri Jul 24 16:41:10 EDT 2020
Hi, at Oracle we have a client DB adapter called ODP.NET Managed and
Core that uses MIT KerberosforWindows (KfW) in order to use Kerberos
based credentials to authenticate to the DB.
I have a couple of questions in reference to this product's use of KfW:
* The announcement pages for the KfW have quoted support for the exact
same Windows versions for at least 7 years, probably longer. The below
statement has been exactly the same for versions 4.0.1, 4.1 AND the new
4.2beta1. Can we get it updated?
"KfW is supported on Windows Vista (SP2 required), Windows 7, Windows 8,
Windows Server 2003, and Windows Server 2008."
* The Microsoft Credential Guard blocks acquisition of windows domain
based TGTs, thus blocking MSLSA based KfW credential acquisition. Has
this been addressed in 4.2beta1 or are there plans to address it (eg, by
switching to a SSPI based credential acquisition)?
Consulting Member of Technical
ODP.NET Network and Security
More information about the krbdev