|Admission Control Service Domain Name Requirements in Kerberos Environment Other Than Windows 2000
Microsoft Knowledge Base Article: 254111 - Explains the requirements for specifying a domain name for the Windows 2000 Quality of Service (QoS) Admission Control Service to operate in a Kerberos authentication environment that is not Windows
Can Kerberos remain an open standard?
A look at the open IETF standards and Microsoft's changes to Kerberos in the name of innovation. Is Microsoft really improving Kerberos, or attempting to make a proprietary version? Source: Windows IT Security (March 9, 2000)
Description of Kerberos Policies in Windows 2000
Microsoft Knowledge Base Article: 231849 - In Windows 2000, Kerberos policy is defined at the domain level and implemented by the domain's Key Distribution Center (KDC). Kerberos policy is stored in Active Directory as a subset of the attributes of a domain security policy.
Description of PKINIT Version Implemented in Kerberos in Windows 2000
Microsoft Knowledge Base Article: 248753 - PKINIT is an Internet Engineering Task Force (IETF) Internet draft for "Public Key Cryptography for Initial Authentication in Kerberos." Windows 2000 uses this protocol when you use a smart card for interactive logon.
Forcing Kerberos to Use TCP Rather Than UDP in Windows 2000
Microsoft Knowledge Base Article: 244474 - The Windows 2000 Kerberos Authentication package is the default in Windows 2000. It coexists with challenge/response (NTLM) and is used in instances in which both a client and server can negotiate Kerberos.
How to Enable Kerberos Event Logging
Microsoft Knowledge Base Article: 262177 - Windows 2000 offers the capability of tracing detailed Kerberos events through the event log mechanism. You can use this information when you troubleshoot Kerberos. This article describes how to enable Kerberos event logging.
Information on the Transitivity of a Kerberos Realm Trust
Microsoft Knowledge Base Article: 260123 - This article discusses the transitivity of a trust formed between a Microsoft Windows 2000 domain and a Kerberos realm.
Kerberos Administration in Windows 2000
Microsoft Knowledge Base Article: 232179 - The Windows 2000 implementation of the Kerberos Authentication protocol does not require extensive administration or configuration. Because it is the default authentication package, it is installed automatically on all Microsoft
Computer Security's Hellhound
Kerberos is a tried and true open source
security standard, but will interoperability problems dog the Microsoft
Source: Network Computing
Step-by-Step Guide to Kerberos 5 (krb5 1.0) Interoperability
Examines the use of the Kerberos interoperability features with the Windows 2000 operating system. Source: Microsoft
Using Uppercase Letters for Kerberos Realm Names
Microsoft Knowledge Base Article: 248807 -
All Windows 2000 domains are also Kerberos realms. However the realm name is always the all uppercase version of the domain name. There is no way to have a Kerberos realm name that is different from the domain name.
Windows 2000 Kerberos Authentication
Downloadable whitepaper in Word format which provides a technical introduction to how the Windows© 2000 operating system implements the Kerberos version 5 authentication protocol. The paper includes detailed explanations of important concepts, architectural elements, and
features of Kerberos authentication. The first section, ©Overview of the Kerberos Protocol,? is for anyone unfamiliar with Kerberos authentication. Following this introduction to the protocol are several sections with details of Microsoft?s implementation in Windows 2000.
The paper concludes with a brief discussion of requirements for interoperability with other implementations. Source: Microsoft (June 1999)
Windows 2000 Kerberos Interoperability Overview
Microsoft receives many inquiries about Kerberos interoperability in Windows 2000 Server operating systems. This marketing bulletin describes the Microsoft position and provides background information on Kerberos and Windows 2000 Server.
Windows 2000 Kerberos Interoperability
White paper which describes common scenarios for interoperability between Windows 2000 and other Kerberos implementations.