Hi... I'm hoping that questions about MIT Kerberos for Windows are on-topic here. Apologies in advance if this is not the case.
We have a Samba 3 domain and also separate MIT Krb5 KDCs, where the principal names match the Samba userids. On previous Windows XP machines with Kfw 3.x installed, Kfw would somehow automatically get a TGT from the KDC when the user logged into the samba domain via the Windows domain logon dialog. I always assumed that Kfw somehow had access to the cleartext password entered by the user, but don't know if that's true. (Was there some kind of Windows password cache, or something via the GINA API?) Now on Windows 7, I can't seem to get Kfw 3 or 4 to behave the same way (still the same old Samba 3 domain). I understand that Kfw 4 can import credentials from the Windows 7 LSA, but I don't think that will help me, as we are using old NTLM style authentication rather than AD style, and thus Windows has no tickets. I've done a lot of searching to see how to get this to work, but have come up short. Is it still possible to do this? If so, any whacks with a cluebat would be greatly appreciated. Thanks in advance, -Matt ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
