Date: Tue, 10 Apr 2001 01:03:29 -0600 From: Brett Glass <brett@lariat.org> To: Terry Lambert <tlambert@primenet.com> Cc: mwm@mired.org (Mike Meyer), dchulhan@uwi.tt (Dale Chulhan - Home), chat@FreeBSD.ORG (chat@FreeBSD.ORG), TheTechies@onelist.com (My List), mbug@listbot.com (The Trinidad and Tobago Microsoft BackOffice Users Group) Subject: Re: Win NT vs UNIX ( cross fire ) Message-ID: <4.3.2.7.2.20010410005926.00d937b0@localhost> In-Reply-To: <200104092035.NAA28894@usr08.primenet.com> References: <4.3.2.7.2.20010407152644.0455d9b0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 02:35 PM 4/9/2001, Terry Lambert wrote: >Microsoft uses a reserved field for a Microsoft-specific "cookie" >that mapped into the Windows NT credential space. > >The author of Kerberos has come out and stated that they are >using that field in a way it was not intended to be used. All true! >It is possible for your Kerberos client machines to use a >Windows box as a Kerberos server. > >It is _not_ possible, however, to use a UNIX box as a Kerberos >server for Windows machines, without losing some functionality. Whenever one uses Windows machines, one loses some functionality. ;-) >Because they don't document how they use the field internally, >it's also not possible to participate as a doamin controller >in a Windows 2000 domain, unless you are a Windows box. I'm sure that this will be reverse-engineered. Of course, participating in Windows 2000 domains is a bad idea to begin with, because of security problems. I counsel my clients to avoid file sharing in general and Windows file sharing in particular. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20010410005926.00d937b0>