[24519] in Kerberos

home help back first fref pref prev next nref lref last post

Re: windows browsers send ntlm instead of kerberos tokens

daemon@ATHENA.MIT.EDU (Jeffrey Altman)
Fri Aug 26 11:14:04 2005

From: Jeffrey Altman <jaltman2@nyc.rr.com>
Message-ID: <VhGPe.19606$%w.17517@twister.nyc.rr.com>
Date: Fri, 26 Aug 2005 15:10:45 GMT
To: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu

Julien ALLANOS wrote:

> Quoting Jeffrey Altman <jaltman2@nyc.rr.com>:
> 
>> Neither Internet Explorer nor FireFox 1.0 use KFW for their Kerberos
>> support.   If you want them to have Kerberos credentials, Windows must
>> obtain them for you when you login to Windows using an Active Directory
>> account.
>>
>> Jeffrey Altman
> 
> 
> OK, but how can I be certain that Windows did really obtain the Kerberos
> credentials at login, that FF or IE might be able to use after?

Since you have MIT KFW installed you can list the contents of the
MSLSA ccache with

	klist -c MSLSA:

Otherwise, you can install one of the Microsoft tools such as
kerbtray.exe that are available from the Microsoft download web site.

Jeffrey Altman

-- 
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos

home help back first fref pref prev next nref lref last post