[24459] in Kerberos
RE: Kerberos ticket access to MS Exchange
daemon@ATHENA.MIT.EDU (Nebergall, Christopher)
Tue Aug 16 16:18:32 2005
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Mon, 15 Aug 2005 17:02:31 -0600
Message-ID: <B4106C82DFD51449B94258FB2FA9343901431DB7@ES23SNLNT.srn.sandia.gov>
From: "Nebergall, Christopher" <cneberg@sandia.gov>
To: "Ken Hornstein" <kenh@cmf.nrl.navy.mil>, kerberos@mit.edu
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 8bit
Errors-To: kerberos-bounces@mit.edu
Did anyone have any luck with GSSAPI in SMTP and POP? This suggests
that they support it.
http://www.msexchange.org/tutorials/Telnet-Exchange2003-POP3-SMTP-Troubl
eshooting.html
-----Original Message-----
From: kerberos-bounces@mit.edu [mailto:kerberos-bounces@mit.edu] On
Behalf Of Ken Hornstein
Sent: Monday, August 01, 2005 12:34 PM
To: kerberos@mit.edu
Subject: Re: Kerberos ticket access to MS Exchange
>something that will eventually not work anyway. The funny thing is, if
>you are going to store passwords on your Microsoft AD server acting as
>a KDC, then what is the point of having a KDC in the first place...in
>terms of Microsoft authentication? This is why I say that Microsoft
>uses Kerberos just to appease the 'nix natives. It certainly has
>little use in their own products.
To be fair to Microsoft ... they do seem to use Kerberos in a number of
places. E.g., their instant messaging protocol is Kerberized (I
verified that with a network sniffer). From my conversations with
Microsoft people, the reason Exchange doesn't do GSSAPI-authenticate
IMAP really seems to be more tied up in lack of interest in the Exchange
group (for what reason, I dunno).
--Ken
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos