I am new to Kerberos and I probably have the terminiology wrong so I apologize right off.
We are trying to build an environment where students are allowed to log into a Windows XP desktop workstation that is part of a Windows Server 2003 (we could use win2k3 or win2000 if need be...) Active Directory domain, but we would like them to authenticate to an MIT Kerberos KDC through a trust arrangement. We don't want the MIT Kerberos KDC to have to know and trust each individual workstation, we want it to only know about the Windows Server 2003 domain controller. In other words I don't want to point 100 XP workstations at the KDC for authentication, I want them to just sign into the AD domain but get authenticated by the fact that they have a valid account in the MIT kerberos KDC. Is this even possible? TIA tj ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
