Hi, Not sure if this is the correct place to post this question so I'm sorry if it's not.
I've created in a test environment the following configuration: - PC A: Running Windows 2003 as active directory domain controller. - PC B: Windows XP Pro (that was added to the AD) logged on to the AD. - PC C: Simply running a sniffer. Now.. Having read this : http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Operations/6291dce1-4ea8-4b4f-a9c1-23926ab6e8dd.mspx I fixed what was stated in this article (added the AD server to the correct zone on the XP client, and made sure that the Integrated logon was checked) After this setup I was ready to start the browser and post a request for a simple "Hello world" page on the AD server (and yes , the URL was constructed with the FQDN of the Ad and not it's IP) When the TCP stream was decoded by the sniffer I found that the server sent a single "Authorization" header to the client stating "Negotiate" and the client sent an NTLM keys (decoded into "NTLMSSP" string) no mater what I tried I keep getting those NTLM sessions and no Kerberos. Eitan. ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
