Hello Andrew, Do you have any new status for this? Have you determined if this is still a problem for you?
Thanks John -----Original Message----- From: Andrew Bartlett [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2008 9:03 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; John Dunning Subject: RE: Regarding [MS-KILE] 3.4.5.1 Three-Leg DCE-Style Mutual Authentication On Fri, 2008-08-08 at 11:07 -0700, John Dunning wrote: > Hello Andrew, > I've received feedback from the Product team and they are requesting > additional clarification. To start with I would like to insure we understand > the issue. > > We understand the problem to be the following, please let me know if this is > not correct. > > The behavior SAMBA is seeing is Client authenticates to Server using KILE and > the following occurs: > 1. Client sends RFC std AP_REQ to server > 2. Server sends RFC std AP_REP to client > in this message the sequence number is n > 3. Client sends AP_Rep to server > in this message the sequence number is n in XP and n+1 in Vista only when > AES is used Metze: You seemed to finally get this all working, was the sequence number a red herring, or did we still need a special case there? > ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > > Please clarify what GSSAPI you are using. From the Product team's > investigation they don't see a difference in behavior with AES. They > are also requesting possible repro steps and Kerberos logs. We use a patched version of Heimdal. Having Vista join Samba4 is the base case we were working on, but metze will be able to clarify the current status. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
