>something that will eventually not work anyway. The funny thing is, if you >are going to store passwords on your Microsoft AD server acting as a KDC, >then what is the point of having a KDC in the first place...in terms of >Microsoft authentication? This is why I say that Microsoft uses Kerberos >just to appease the 'nix natives. It certainly has little use in their own >products.
To be fair to Microsoft ... they do seem to use Kerberos in a number of places. E.g., their instant messaging protocol is Kerberized (I verified that with a network sniffer). From my conversations with Microsoft people, the reason Exchange doesn't do GSSAPI-authenticate IMAP really seems to be more tied up in lack of interest in the Exchange group (for what reason, I dunno). --Ken ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos