[DocHelp to Bcc] Hi Alexander,
Thanks for reaching out with your Kerberos/Netlogon question. I've created case 2508140040006509 to track the issue. One of our engineers will investigate this and contact you soon. Regards, Kristian Smith Support Escalation Engineer | Microsoft(r) Corporation Email: [email protected] -----Original Message----- From: Alexander Bokovoy <[email protected]> Sent: Thursday, August 14, 2025 5:41 AM To: Interoperability Documentation Help <[email protected]> Cc: [email protected] Subject: [EXTERNAL] Network Ticket Logon clarification Hello Dochelp, I am reading through MS-KILE v45 update that was published this week (v20250811) and trying to understand how would KDC receive the request which processing is described in the section [MS-KILE] 3.3.5.8 Network Ticket Logon. As referenced in [MS-KILE] 3.3.5.8, [MS-NRPC] 3.2.4.2 describes the process on the Netlogon side, namely: -------------------------------------- Broadly, there are five major steps in the network ticket logon process: - The Kerberos client prepares and makes a request (see [MS-APDS] sections 3.2.5.1 and 3.2.5.2) - Netlogon delivers the request (see section 3.2.4.2.1) - The Key Distribution Center (KDC) processes the request and sends a reply (see [MS-KILE] section 3.3.5.8.1) - Netlogon processes the reply and sends it to the client (see section 3.2.4.2.2) - The Kerberos client receives the reply (see [MS-APDS] section 3.2.5.4) ------------------------------------- My question is related to the steps 'Netlogon delivers the request' and 'KDC processes the requests and sends a reply'. Unfortunately, neither [MS-NRPC] 3.2.4.2.1 nor [MS-KILE] 3.3.5.8.1 clarify how exactly Netlogon and KDC communicate the request between each other. Could you please clarify it? Is it a specially formatted TGS-REQ? Or is it some special form of a back-channel between these components? -- / Alexander Bokovoy _______________________________________________ cifs-protocol mailing list [email protected] https://lists.samba.org/mailman/listinfo/cifs-protocol
