We recently upgraded one of our Windows AD servers to 2003. We have a number of service principals registered in AD which are for services run on UNIX. Some users where having problems using these services.
It appears that 2003 AD now supports key version numbers in tickets. The upgraded server is issuing tickets with kvnos other then zero, while the others are always using zero. It is not clear where it got the kvno to use, as the entries where all added prior to the upgrade, and I don't recall entring in these kvnos in the ktpass command when we defined these principals. We have not found the AD command to look at what kvno is in the AD. Anyone know the command? -- Douglas E. Engert <[EMAIL PROTECTED]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
