same here if its a laptop without a network connection, the credentials don't
cache and the user can't log into the kerberos realm.... not a good thing.....
"Jason" wrote:
> Admittedly, I'm don't know a great deal about this but am trying to
> learn more....how are you using group policy to leverage ksetup to add
> the kerberos realm? I know in my work environment we have a GPO that
> runs a .reg file with the /s switch that adds the necessary registry
> entry for our kerberos realm. HKEY_LOCAL_MACHINE\SYSTEM
> \CurrentControlSet\Control\Lsa\Kerberos\Domains\{d omain name}
> with a value of KdcNames:REG_MULTI_SZ:{kdc server}
>
> This .reg entry works for the Vista clients as well. No ksetup.exe
> necessary. But we have another problem. It seems when users lock their
> Vista screens all their tickets are destroyed and then not renewed
> when the they re-authenticate to unlock the screen. That's not
> helpful!
>
>
> tkmlee wrote:
> > anyone?
> >
> > "tkmlee" wrote:
> >
> > > Does Vista support single sign on kerberos authentication with a unix kds?
> > >
> > > With our current infrastructure, we use ksetup in our Windows 2003 AD with
> > > XP clients to add the kerberos realm for our users to login.
> > >
> > > So far, with some breif testing, the same group policy that we use on our XP
> > > machines (ksetup to add the kerberos realm), doesn't work on Vista. Is there
> > > a version of ksetup or similar that is used in Vista?
> > >
> > > Thanks!
>
>
|
Similar Threads
Linear Mode
