[30265] in Kerberos
RE: Kerberize MS Exchange?
daemon@ATHENA.MIT.EDU (Eric Hill)
Thu Sep 4 14:27:27 2008
From: "Eric Hill" <eric@ijack.net>
To: "'Michael B Allen'" <ioplex@gmail.com>,
"'Walter Sobchak'" <genijalac@yahoo.com>
Date: Thu, 4 Sep 2008 13:26:32 -0500
Message-ID: <6BBC1BDFD77747F7BB00884FC9C544EE@pioneer.world>
MIME-Version: 1.0
In-Reply-To: <78c6bd860809040910u171bee84ya6597e32742051ec@mail.gmail.com>
Cc: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
> Kerberize it how?
>
> MS Exchange uses a proprietary communications protocol so it's not
> clear how Kerberos authentication even works in Exchange [1].
>
> If you're talking about using IMAP4, last I checked MS Exchange does
> not support Kerberos w/ IMAP4 at all.
>
> Mike
>
> [1] There is some new "Exchange Protocols" documentation released as
> part of the EU settlement that might include such details.
Actually the protocol doesn't really include anything for authentication. The core Exchange security mechanism is a named pipe
connection to the server, and a thread running ImpersonateNamedPipeClient on the server-side to handle requests on behalf of the
user.
Microsoft may or may not use Kerberos to authenticate the pipe.
Eric
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
