scenario - windows 2000 client has established secure channel, authenticated using kerberos to the dns domain of which it is a member.
what determines the locator process (wins / dns) for the discovery of the DC for the user logon ?? MS tell us that for a NetBIOS name WINS is used - most users unless instructed to the contrary will use on the domains (NetBIOS) from the pick list of the logon dialog box does this mean that WINS is used for the DC locator ?? OR is there some process by the client "maps" this NetBIOS domain name to a DNS domain ?? and attempt to use DNS / LDAP ?? under NTLM / NT4 the logon request would be passed to the DC secure channel partner as a pass thru authentication request. (discovered by wins / netlogon) this pass thru authentication process is not implemented by Kereberos or is it ?? will be glad for help on this one GT List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
