Hi All On Windows, there's something called alternative UPN that you can create [EMAIL PROTECTED] in that.realm. Here's a very nice explanation: http://www.netometer.com/video/tutorials/upn/step1/step1.html
I've looked at the packets, it works like this: Suppose in realm REAL.COM there's a user x which also has an alternative UPN called [EMAIL PROTECTED] If the user logon with x, the principal name sent in AS-REQ is (x, NT-PRINCIPAL). If logon with [EMAIL PROTECTED], it's ([EMAIL PROTECTED], NT-ENTERPRISE). In both cases, the server replies with a TGT successfully. My question is: Is there any third party software supporting this feature? 1. For kinit, how do I specify the name type? 2. Using GSS, how do I create a GSS name? Thanks Speedo ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
