[24384] in Kerberos
Re: Kerberos ticket access to MS Exchange
daemon@ATHENA.MIT.EDU (Ken Hornstein)
Mon Aug 1 14:34:53 2005
Message-Id: <200508011833.j71IXxtt000963@ginger.cmf.nrl.navy.mil>
To: kerberos@mit.edu
In-Reply-To: <6.1.2.0.0.20050731153349.01c0dec0@unccmail.uncc.edu>
Date: Mon, 01 Aug 2005 14:34:00 -0400
From: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Errors-To: kerberos-bounces@mit.edu
>something that will eventually not work anyway. The funny thing is, if you
>are going to store passwords on your Microsoft AD server acting as a KDC,
>then what is the point of having a KDC in the first place...in terms of
>Microsoft authentication? This is why I say that Microsoft uses Kerberos
>just to appease the 'nix natives. It certainly has little use in their own
>products.
To be fair to Microsoft ... they do seem to use Kerberos in a number of
places. E.g., their instant messaging protocol is Kerberized (I verified
that with a network sniffer). From my conversations with Microsoft people,
the reason Exchange doesn't do GSSAPI-authenticate IMAP really seems to
be more tied up in lack of interest in the Exchange group (for what
reason, I dunno).
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos