[19476] in Kerberos
RE: string-to-key in Windows Server 2003
daemon@ATHENA.MIT.EDU (Kevin Coffman)
Thu Jun 26 17:04:47 2003
From: "Kevin Coffman" <kwc@citi.umich.edu>
To: "'Ben Cox'" <cox-work@djehuti.com>, <kerberos@mit.edu>
Date: Thu, 26 Jun 2003 17:03:53 -0400
Message-ID: <001401c33c26$7375ce30$b285d38d@citi.umich.edu>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
In-Reply-To: <1056660521.6233.34.camel@cox-pc.spinnakernet.com>
Content-Transfer-Encoding: 8bit
Errors-To: kerberos-bounces@mit.edu
Most errors of this type (works against W2K, but not W2K3), that I have
heard of, had to do with the 2003 server trying to switch to TCP because the
packet has become too big. It seems that either they are putting more in
the PAC, or W2K3 tries to switch earlier than W2K did.
K.C.
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On Behalf
Of Ben Cox
Sent: Thursday, June 26, 2003 4:49 PM
To: kerberos@mit.edu
Subject: string-to-key in Windows Server 2003
We are attempting to authenticate against a Windows Server 2003 Active
Directory Server and getting a preauthentication failure (preauth is
enc-timestamp). We're using a key that we generated from the password
and stored into a keytab; this works against a Win2K AD server but not
against a 2003 server.
Did the string-to-key algorithm change in Win 2003? (Or does it use a
different mechanism for generating the salt?)
Any info (or pointers to info) on this would be appreciated.
-- Ben
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
