DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH
 

(heimdal.info.gz) Authorisation data

Info Catalog (heimdal.info.gz) Encryption types (heimdal.info.gz) Windows 2000 compatability (heimdal.info.gz) Quirks of Windows 2000 KDC
 
 8.5 Authorisation data
 ======================
 
 The Windows 2000 KDC also adds extra authorisation data in tickets.  It
 is at this point unclear what triggers it to do this.  The format of
 this data is only available under a "secret" license from Microsoft,
 which prohibits you implementing it.
 
 A simple way of getting hold of the data to be able to understand it
 better is described here.
 
   1. Find the client example on using the SSPI in the SDK documentation.
 
   2. Change "AuthSamp" in the source code to lowercase.
 
   3. Build the program.
 
   4. Add the "authsamp" principal with a known password to the
      database.  Make sure it has a DES key.
 
   5. Run `ktutil add' to add the key for that principal to a keytab.
 
   6. Run `appl/test/nt_gss_server -p 2000 -s authsamp --dump-auth=FILE'
      where FILE is an appropriate file.
 
   7. It should authenticate and dump for you the authorisation data in
      the file.
 
   8. The tool `lib/asn1/asn1_print' is somewhat useful for analysing
      the data.
 
Info Catalog (heimdal.info.gz) Encryption types (heimdal.info.gz) Windows 2000 compatability (heimdal.info.gz) Quirks of Windows 2000 KDC
automatically generated byinfo2html