Hi,
We have discovered a problem when we try to set/change password for a computer account in AD on Windows Server 2008. The computer account is created so we can use it for a service/application, and the key is created from it's password (randomly generated) and extracted into a key table file. Our code is able to create the account (authenticating to AD using SASL/GSS/Kerberos) but when we try and set the computer account's password to a random value, the request is rejected, so it looks like AD on Windows 2008 has some changes which stop password changes for computer accounts, or maybe something which is stopping changes to passwords for accounts that use a principal name such as name/[EMAIL PROTECTED] The same code works perfectly on Windows Server 2003 domains, so we suspect some changes in Windows Server 2008 have caused this set/change password restriction. Does anybody have any experience of same problem ? Thanks, Tim ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
