Enable Your Employees To Focus On The Core With Intuitive Onscreen Guidance That is With You At The Moment of Need.
Course Of The Month
2 days, 22 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Which version of Kerberos do I use?
Posted on 2011-03-04
Hi,
We are using a single-sign on software from Evidian.
We've noticed that on our Windows 7 x86 machines, the user is not automatically identified by Evidian when logging in with firstname.lastname@domain.
On ther other hand, when logging in with the short username, the Evidian engine recognises the account and automatically identifies the user.
I believe this is due to the way Kerberos is used.
I've read years ago the differences between logging in with "firstname.lastname@domain
Could someone refresh my memory and let me know what are the difference for Kerberos between the long and short username?
I've already found this (http://technet.microsoft.com/en-us/library/cc772815%28WS.10%29.aspx) but it doesn't say whether using the short or long username make a difference or not
Thanks
We are using a single-sign on software from Evidian.
We've noticed that on our Windows 7 x86 machines, the user is not automatically identified by Evidian when logging in with firstname.lastname@domain.
On ther other hand, when logging in with the short username, the Evidian engine recognises the account and automatically identifies the user.
I believe this is due to the way Kerberos is used.
I've read years ago the differences between logging in with "firstname.lastname@domain
Could someone refresh my memory and let me know what are the difference for Kerberos between the long and short username?
I've already found this (http://technet.microsoft.com/en-us/library/cc772815%28WS.10%29.aspx) but it doesn't say whether using the short or long username make a difference or not
Thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3
7 Comments
Hi demazter, this is indeed the UPN (and also the email address).
So when logging in with the logon name it doesn't work, when loggin in with the pre-)Windows 2000 logon name, it does work.
07-Mar-2011-15-23-52.jpg
So when logging in with the logon name it doesn't work, when loggin in with the pre-)Windows 2000 logon name, it does work.
07-Mar-2011-15-23-52.jpg
There is no difference in the way kerberos works (as far as I am aware) when you use the different login styles. Just some software is not written to recognise the UPN's and therefore will not work.
OK, I thought using the "post-Windows 2000" logon forced the usage of kerberos v5 while the "pre-Windows 2000" logon still used an older version. Do you confirm ?
Featured Post
Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Suggested Solutions
| Title | # Comments | Views | Activity |
|---|---|---|---|
| Need to create Multiple folders by importing CSV file using powershell. | 13 | 59 | |
| Reconfigure Corporate IP Address Scheme | 2 | 63 | |
| Changing DHCP and radius server from windows server 2008 R2 to 2012 R2 maintaining same IP | 6 | 38 | |
| DNS Record Manupluation | 11 | 45 |
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations. For example, if a use…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten.
The USB drive must be s…
This Micro Tutorial hows how you can integrate Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease.
The following video show how to bind OSX Mavericks to …
Suggested Courses
Course of the Month2 days, 22 hours left to enroll
752 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.