[OpenAFS] OPENAFS-KDC-PROBE
Mitch Collinsworth
mitch@ccmr.cornell.edu
Thu, 10 Jun 2004 11:52:23 -0400 (EDT)
I've been wondering if it might be somehow related to the windows
authentication behavior described in this paper:
http://www.usenix.org/publications/library/proceedings/lisa2000/beck.html
-Mitch
On Thu, 10 Jun 2004, Jeffrey Altman wrote:
> This would clearly be the result of a very bad coding error.
> What version of the client is on the machines which is producing this
> request?
> Is it a Kerberos 5 or Kerberos 4 request?
>
> Jeffrey Altman
>
>
> David Botsch wrote:
>
> > Fascinating.
> >
> > We have also noted, since upgrading to kerb5 (yes, it worked!) in our
> > kerberos kdc logs, something strange:
> >
> > attempts to authenticate as principal:
> > localwindowsusernameWINDOWSNETBIOSNAMElocalwindowspass
> >
> > sometimes some junk follows the pass, sometimes not. Sometimes the
> > instance portion of the principal is set to "4".
> >
> > Any ideas?
> >
> > We've seen this for a couple users on a couple of computers we don't
> > manage as also for user SMSCliToknAcct on a few of the computers we do
> > manage (all running 1.2.8a client).
> >
> > Thanks.