"Henrik Nordström" <henrik_at_henriknordstrom.net> wrote in message
news:1270839045.2636.1.camel_at_localhost.localdomain...
> fre 2010-04-09 klockan 12:12 +0100 skrev Markus Moeller:
>
>> Regarding your second point about workgroups the answer is that
>> Kerberos
>> can work too (with popup). But to make it work your DHCP server has to
>> privode WINS servers (or it has to be hardcoded on the client). When a
>> client gets the Negotiate request the client will try to find out where
>> the
>> domain server is for that domain (using the username details e.g.
>> @DOMAIN)
>> via Netbios name resolution using the configured WINS servers. Once
>> they
>> are determined the client will send AS and TGS requests to the domain
>> server
>> and can then authenticate to the proxy.
>
> Are you sure it relies on WINS in this case? DNS SRV records is the
> normal mechanism for discovery of KDC servers..
>
I wasn't sure but I tested and that was my observation.
> Regards
> Henrik
>
>
Received on Fri Apr 09 2010 - 19:21:13 MDT
This archive was generated by hypermail 2.2.0 : Sat Apr 10 2010 - 12:00:03 MDT