[24519] in Kerberos
Re: windows browsers send ntlm instead of kerberos tokens
daemon@ATHENA.MIT.EDU (Jeffrey Altman)
Fri Aug 26 11:14:04 2005
From: Jeffrey Altman <jaltman2@nyc.rr.com>
Message-ID: <VhGPe.19606$%w.17517@twister.nyc.rr.com>
Date: Fri, 26 Aug 2005 15:10:45 GMT
To: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
Julien ALLANOS wrote:
> Quoting Jeffrey Altman <jaltman2@nyc.rr.com>:
>
>> Neither Internet Explorer nor FireFox 1.0 use KFW for their Kerberos
>> support. If you want them to have Kerberos credentials, Windows must
>> obtain them for you when you login to Windows using an Active Directory
>> account.
>>
>> Jeffrey Altman
>
>
> OK, but how can I be certain that Windows did really obtain the Kerberos
> credentials at login, that FF or IE might be able to use after?
Since you have MIT KFW installed you can list the contents of the
MSLSA ccache with
klist -c MSLSA:
Otherwise, you can install one of the Microsoft tools such as
kerbtray.exe that are available from the Microsoft download web site.
Jeffrey Altman
--
-----------------
This e-mail account is not read on a regular basis.
Please send private responses to jaltman at mit dot edu
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos