Hi,
Il 13.43 24/02/2002 Henrik Nordstrom ha scritto:
> > Actually it's not. Kerberos doesn't fit in the same scheme. NTLMv2
> > though - yes.
>
>Are you positively sure that forwarding of a kerberos ticket cannot
>be done over NTLMSSP?
>
>How does native MSAD clients access NT4 servers?
Windows 2000/XP systems (the only MS native AD clients) when accessing NT4
resources use only NTLM protocol.
Kerberos is used only on intra domain level communications between 5.x
Windows systems (2000/XP), and if you connect a 2000/XP system outside your
domain (no AD trusting) from a 2000/XP client with domain\username
credentials, NTLM is used.
The SSP interface on Windows 2000/XP can use NTLM, NTLMv2 and Kerberos, but
latest MSDN documents only Kerberos ..... (Marketing ????)
About NTLM authentication, I have just found a NTLM native authenticator
for WIN32 Apache (mod_ntlm) that I will use as start point for a NTLM
Cygwin native authenticator. I have found too similar Apache modules for Unix.
Guido
-
=======================================================
Serassio Guido
Via Albenga, 11/4 10134 - Torino - ITALY
E-mail: guido.serassio@serassio.it
WWW: http://www.serassio.it
Received on Sun Feb 24 2002 - 06:05:42 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:48 MST