If you want to ensure you are using Kerberos, you can set the OWA server to only allow Kerberos authentication. This can be set using a group policy.
Dennis > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > [EMAIL PROTECTED] > Sent: Tuesday, September 07, 2004 11:07 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] RPC Netlogon to AD > > It uses either Kerberos or NTLM based on the best protocol > that can be negotiated (using the Negotiate protocol). > > > > I don't believe you can disable the netlogon. Also, your > question doesn't make sense to me as the server IS using > Kerberos (or NTLM) to authenticate the user to AD. > > > > Joe K. > > > > ________________________________ > > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Lara Adianto > Sent: Monday, September 06, 2004 5:06 AM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] RPC Netlogon to AD > > > > Hi list, > > In the process of authenticating a user login to OWA, I > noticed that the front end server use DC RPC RPC_Netlogon to > authenticate the user to AD. However, as the stub data is > encrypted, I couldn't really figure out how the > authentication is actually done. Is it NTLM ? Kerberos ? or > something else ? > > Is there any way to disable RPC_Netlogon authentication and > configure Front End to use kerberos to authenticate the user to AD ? > > thanks > lara > > > > -------------------------------------------------------------- > ---------------------- > La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit > - Guy de Maupassant - > -------------------------------------------------------------- > ---------------------- > > ________________________________ > > Do you Yahoo!? > Yahoo! Mail Address AutoComplete > <http://us.rd.yahoo.com/mail_us/taglines/aac/*http:/promotions .yahoo.com/new_mail/static/ease.html> - You start. We finish. > > This message is for the designated recipient only and may > contain privileged, proprietary, or otherwise private > information. If you have received it in error, please notify > the sender immediately and delete the original. Any other use > of the email by you is prohibited. > > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
