|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
01-26-2007
| #1 (permalink) |
| | Vista compatibility with mixed system kerberos authentication? Does Vista support single sign on kerberos authentication with a unix kds? With our current infrastructure, we use ksetup in our Windows 2003 AD with XP clients to add the kerberos realm for our users to login. So far, with some breif testing, the same group policy that we use on our XP machines (ksetup to add the kerberos realm), doesn't work on Vista. Is there a version of ksetup or similar that is used in Vista? Thanks! |
My System Specs |
|
02-27-2007
| #2 (permalink) |
| | RE: Vista compatibility with mixed system kerberos authentication? anyone? "tkmlee" wrote: > Does Vista support single sign on kerberos authentication with a unix kds? > > With our current infrastructure, we use ksetup in our Windows 2003 AD with > XP clients to add the kerberos realm for our users to login. > > So far, with some breif testing, the same group policy that we use on our XP > machines (ksetup to add the kerberos realm), doesn't work on Vista. Is there > a version of ksetup or similar that is used in Vista? > > Thanks! |
| My System Specs |
|
03-28-2007
| #3 (permalink) |
| | Re: Vista compatibility with mixed system kerberos authentication? Admittedly, I'm don't know a great deal about this but am trying to learn more....how are you using group policy to leverage ksetup to add the kerberos realm? I know in my work environment we have a GPO that runs a .reg file with the /s switch that adds the necessary registry entry for our kerberos realm. HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Control\Lsa\Kerberos\Domains\{domain name} with a value of KdcNames:REG_MULTI_SZ:{kdc server} This .reg entry works for the Vista clients as well. No ksetup.exe necessary. But we have another problem. It seems when users lock their Vista screens all their tickets are destroyed and then not renewed when the they re-authenticate to unlock the screen. That's not helpful! tkmlee wrote: > anyone? > > "tkmlee" wrote: > > > Does Vista support single sign on kerberos authentication with a unix kds? > > > > With our current infrastructure, we use ksetup in our Windows 2003 AD with > > XP clients to add the kerberos realm for our users to login. > > > > So far, with some breif testing, the same group policy that we use on our XP > > machines (ksetup to add the kerberos realm), doesn't work on Vista. Is there > > a version of ksetup or similar that is used in Vista? > > > > Thanks! |
| My System Specs |
|
05-25-2007
| #4 (permalink) |
| | Re: Vista compatibility with mixed system kerberos authentication? same here if its a laptop without a network connection, the credentials don't cache and the user can't log into the kerberos realm.... not a good thing..... "Jason" wrote: > Admittedly, I'm don't know a great deal about this but am trying to > learn more....how are you using group policy to leverage ksetup to add > the kerberos realm? I know in my work environment we have a GPO that > runs a .reg file with the /s switch that adds the necessary registry > entry for our kerberos realm. HKEY_LOCAL_MACHINE\SYSTEM > \CurrentControlSet\Control\Lsa\Kerberos\Domains\{domain name} > with a value of KdcNames:REG_MULTI_SZ:{kdc server} > > This .reg entry works for the Vista clients as well. No ksetup.exe > necessary. But we have another problem. It seems when users lock their > Vista screens all their tickets are destroyed and then not renewed > when the they re-authenticate to unlock the screen. That's not > helpful! > > > tkmlee wrote: > > anyone? > > > > "tkmlee" wrote: > > > > > Does Vista support single sign on kerberos authentication with a unix kds? > > > > > > With our current infrastructure, we use ksetup in our Windows 2003 AD with > > > XP clients to add the kerberos realm for our users to login. > > > > > > So far, with some breif testing, the same group policy that we use on our XP > > > machines (ksetup to add the kerberos realm), doesn't work on Vista. Is there > > > a version of ksetup or similar that is used in Vista? > > > > > > Thanks! > > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| Problems with Vista Kerberos Authentication in AD Domain | Vista networking & sharing | |||
| Vista interoperability with MIT Kerberos | Vista security | |||
| Unable to initialize the security package Kerberos for server side authentication | Vista networking & sharing | |||
| Kerberos authentication support in Windows Mail | Vista mail | |||
| Mixed SCSI, IDE -- system partition and page file(s) | Vista installation & setup | |||
