Thanks for the clarification.

I will ask the systems administrator on Monday.

Regards Peter

On 27/08/2010 8:36 PM, Ken Schaefer wrote:

Protocol Transition is a feature of the server where the service resides.

Client ---> Server1 ----> Server2

If Client ---> Server1 is NTLM (or Digest), then Server1 can do Protocol Transition and get a Kerberos ticket for Server2 service, even if the original protocol is not natively delegatable (i.e. NTLM or Digest).

I'm not really sure what XP has to do with it, unless you are saying that the OS for Server1 is Windows XP. Protocol Transition came in with Windows Server 2003.

For more info: http://www.adopenstatic.com/cs/blogs/ken/archive/2007/07/19/8460.aspx

Cheers

Ken

*From:* [email protected] [mailto:[email protected]] *On Behalf Of *Maddin, Peter
*Sent:* Friday, 27 August 2010 4:47 PM
*To:* ozDotNet
*Subject:* RE: NetSqlAzMan

I have found out that Kerberos Protocol Transition is available with workstations: Vista onwards, Server: Windows Server 2003 onwards.

XP is just too old now.

(I know how it feels)

*Regards Peter Maddin*
*Applications Development Officer*
*PathWest Laboratory Medicine WA*
*Phone : +618 9473 3944*
*Fax : +618 9473 3982*
*E-Mail : [email protected] <mailto:[email protected]>* *The contents of this e-mail transmission outside of the WAGHS network are intended solely for the named recipient(s), may be confidential, and may be privileged or otherwise protected from disclosure in the public interest. The use, reproduction, disclosure or distribution of the contents of this e-mail transmission by any person other than the named recipient(s) is prohibited. If you are not a named recipient please notify the sender immediately.*

*From:* [email protected] [mailto:[email protected]] *On Behalf Of *Maddin, Peter
*Sent:* Friday, 27 August 2010 12:48 PM
*To:* [email protected]
*Subject:* NetSqlAzMan

I am starting out with NetSqlAzMan and when I tried the Check Access Test with a domain user account (not my own) it fails with an 'Incorrect function' error.

As far as I can tell the access check test is using Kerberos Protocol Transition.

var otherLogin = new WindowsIdentity("Domain Account");

It fails at this call with System.Security.SecurityException was unhandled, Message="Incorrect function.\r\n"

NetSqlAzMan enables one to log to the EventLog and I found entries like this:

<snip>

Authentication Package: Kerberos
  Workstation Name: FB20562
  Status code: 0x80090302

</snip>

I have Googled and found lots of references to 0x80090302. However I did not find anything useful to myself.

There is a HotFix for this issue if you are running Vista at http://support.microsoft.com/kb/969083/

I am not using Vista, and until they upgrade to Win7, I am stuck with XP Pro SP3.

The DC is on Win Server 2008.

Has anyone had similar issues like this?

With the number of people still using XP, I am certain that others will have experienced this problem.

Is there a fix for XP?

I have also posted on the NetSqlAzMan Codeplex page but I thought that if I post here someone may have found the appropriate hotfix.

*Regards Peter Maddin*
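
A small probe for the call discussed in this thread, added here as an example and not taken from any of the messages or from NetSqlAzMan: it attempts the password-less logon by UPN through the WindowsIdentity(string) constructor and reports either the resulting token or the exception. The UPN and group name are placeholders (assumptions), and the class and method names are hypothetical.

```csharp
using System;
using System.Security;
using System.Security.Principal;

static class S4UProbe
{
    static int Main(string[] args)
    {
        // Both values are placeholders (assumptions); pass real ones on the command line.
        string upn   = args.Length > 0 ? args[0] : "someuser@example.local";
        string group = args.Length > 1 ? args[1] : @"EXAMPLE\SomeGroup";

        // Record where the probe runs: the thread's open question is the client OS.
        Console.WriteLine("OS      : {0}", Environment.OSVersion.VersionString);
        using (WindowsIdentity self = WindowsIdentity.GetCurrent())
            Console.WriteLine("Caller  : {0}", self.Name);

        try
        {
            // Logs the user on by UPN alone, with no password: the call the thread shows failing.
            using (WindowsIdentity other = new WindowsIdentity(upn))
            {
                Console.WriteLine("User    : {0}", other.Name);
                Console.WriteLine("Package : {0}", other.AuthenticationType);
                // An Identification-level token is enough for group and access checks,
                // but it cannot be used to act as the user against other resources.
                Console.WriteLine("Level   : {0}", other.ImpersonationLevel);
                Console.WriteLine("Groups  : {0}", other.Groups.Count);
                bool member = new WindowsPrincipal(other).IsInRole(group);
                Console.WriteLine("In {0}: {1}", group, member);
            }
            return 0;
        }
        catch (SecurityException ex) { Report(ex); }          // the failure reported in the thread
        catch (UnauthorizedAccessException ex) { Report(ex); }
        catch (ArgumentException ex) { Report(ex); }           // empty or over-long UPN
        return 1;
    }

    static void Report(Exception ex)
    {
        // Note the time of the failure so it can be lined up with the logon entry in the event log.
        Console.WriteLine("{0:u} {1}: {2}", DateTime.UtcNow, ex.GetType().Name, ex.Message.Trim());
    }
}
```

Running the same build on the XP workstation and on a Windows Server 2003 or later machine in the same domain shows whether the failure follows the operating system or the account.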
