Steve Syfuhs
Steve Syfuhs
You mean the kvno in the ticket encrypted data? There's no guarantee it'll be present, or match what's in the keytab unfortunately. In most cases the keytab version doesn't have...
PR #176 adds cache file support and would close #160. #126 has the ability to read the configuration today, but at the moment the library doesn't actually use the configuration....
Fixed with #286. An updated nuget package will be available within a few minutes. Please verify when you get a chance. :)
Your logic isn't quite right. The cache as you're querying it will return any ticket expired or not. As such you can absolutely have a TGT in the cache that...
Some preliminary notes: 1. This is not an issue with generic cross-forest requests, as those work fine. E.g. this shows it's fine (I just tested against a set of prod...
Okay, more progress. I've got an environment up and running and the following constrained delegation works: `[email protected] => http/web.forest2.net => sql/sql.forest2.net` e.g. `a => b => b` This is plain...
I've been using the multi-AD forest lab with great success for this problem. Big fan of this tooling. Here's the current state of things: 1. The crypto exception was likely...
There have been a few questions about this. I'd love to, but don't have any plans. It requires creating an ASN.1 builder, which is a non-trivial thing to do. I...
There's an ASN encoder/decoder builtin to this library now. SASL would be relatively straightforward to build out, though it's not clear how that would tie into GSS APIs.
"Try" is about right, though we do diverge from implementation from time to time where we break for compatibility with Windows or what the author (usually me) thinks is really...