Administration of Active Directory does not have to be hard. Too often what should be a simple task is made more difficult than it needs to be.The solution? Hyena from SystemTools Software. With ease-of-use as well as powerful importing and bulk updating capabilities.
Which version of Kerberos do I use?
Hi,
We are using a single-sign on software from Evidian.
We've noticed that on our Windows 7 x86 machines, the user is not automatically identified by Evidian when logging in with firstname.lastname@domain.
On ther other hand, when logging in with the short username, the Evidian engine recognises the account and automatically identifies the user.
I believe this is due to the way Kerberos is used.
I've read years ago the differences between logging in with "firstname.lastname@domain
Could someone refresh my memory and let me know what are the difference for Kerberos between the long and short username?
I've already found this (http://technet.microsoft.com/en-us/library/cc772815%28WS.10%29.aspx) but it doesn't say whether using the short or long username make a difference or not
Thanks
We are using a single-sign on software from Evidian.
We've noticed that on our Windows 7 x86 machines, the user is not automatically identified by Evidian when logging in with firstname.lastname@domain.
On ther other hand, when logging in with the short username, the Evidian engine recognises the account and automatically identifies the user.
I believe this is due to the way Kerberos is used.
I've read years ago the differences between logging in with "firstname.lastname@domain
Could someone refresh my memory and let me know what are the difference for Kerberos between the long and short username?
I've already found this (http://technet.microsoft.com/en-us/library/cc772815%28WS.10%29.aspx) but it doesn't say whether using the short or long username make a difference or not
Thanks
Who is Participating?
LVL 74
There is no difference in the way kerberos works (as far as I am aware) when you use the different login styles. Just some software is not written to recognise the UPN's and therefore will not work.
Hi demazter, this is indeed the UPN (and also the email address).
So when logging in with the logon name it doesn't work, when loggin in with the pre-)Windows 2000 logon name, it does work.
07-Mar-2011-15-23-52.jpg
So when logging in with the logon name it doesn't work, when loggin in with the pre-)Windows 2000 logon name, it does work.
07-Mar-2011-15-23-52.jpg
OK, I thought using the "post-Windows 2000" logon forced the usage of kerberos v5 while the "pre-Windows 2000" logon still used an older version. Do you confirm ?
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month10 days, left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
