|
|||||||||
|
|||||||||
| |||||||||
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Display Modes |
Web Development Archives Sponsor:
|
|
|
|
#1
July 2nd, 2008, 07:11 AM
|
|||
|
|||
|
Kerberos 5 and NTLMv2 without SPNEGO?
02/07/2008, at 7:22 PM, Nilesh Lonari wrote:
No, both Kerberos and NTLMSSP can't be done without SPNEG support. > Without SPNEG, we would not be able to negotiate with the server which one to use between the 2. The InitialContextToken contains the ID of the GSS-API mechanism (NTLMSSP excepted, but it also contains a well known header). NTLMSSP works without SPNEG as its the default auth. mechanism used by Microsoft. You've contradicted your first statement. And only Kerberos also can't work without SPNEG support. what authority state you this? [MS-SMB] section 5.2 implies that any GSS-API mechanism is supported (although that should be qualified by stating that the mechanism should have an exportable session key). Now, you may be right, the only way to verify this for sure is to test it. -- Luke
|
|
| Viewing: Web Development Archives > Mailing Lists > Samba > Kerberos 5 and NTLMv2 without SPNEGO? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
