(heimdal.info.gz) Authorisation data
Info Catalog
(heimdal.info.gz) Encryption types
(heimdal.info.gz) Windows 2000 compatability
(heimdal.info.gz) Quirks of Windows 2000 KDC
8.5 Authorisation data
======================
The Windows 2000 KDC also adds extra authorisation data in tickets. It
is at this point unclear what triggers it to do this. The format of
this data is only available under a "secret" license from Microsoft,
which prohibits you implementing it.
A simple way of getting hold of the data to be able to understand it
better is described here.
1. Find the client example on using the SSPI in the SDK documentation.
2. Change "AuthSamp" in the source code to lowercase.
3. Build the program.
4. Add the "authsamp" principal with a known password to the
database. Make sure it has a DES key.
5. Run `ktutil add' to add the key for that principal to a keytab.
6. Run `appl/test/nt_gss_server -p 2000 -s authsamp --dump-auth=FILE'
where FILE is an appropriate file.
7. It should authenticate and dump for you the authorisation data in
the file.
8. The tool `lib/asn1/asn1_print' is somewhat useful for analysing
the data.
Info Catalog
(heimdal.info.gz) Encryption types
(heimdal.info.gz) Windows 2000 compatability
(heimdal.info.gz) Quirks of Windows 2000 KDC
automatically generated byinfo2html