Steve Syfuhs
Steve Syfuhs
For folks running into this issue, there's a super simple platform-independent implementation available in the Bruce tool. It uses the DnsClient.NET library as mentioned above. It's kept out of the...
Unfortunately .NET Standard 2.0 is the highest this can go as it MUST stay backwards compatible with the full framework. Its an interesting approach though. I'm not terribly concerned about...
Thanks for looking into this. That was quite the undertaking already. I agree it gets messy pretty quickly and that makes it unmanageable. In the near term we have internal...
We don't ever include a backslash in the name. We try very hard not to muck with the values given to us and try to treat them verbatim. In some...
Ah, here's the most likely culprit. Kerberos.NET sends NT-ENTERPRISE-PRINCIPAL which approximately says "I have no idea what kind of name I'm sending you so...figure it out will ya?"  Whereas...
Oh, I see. :) I think I need to add that knob anyway, but if you can [have someone] take a look at how the NT-ENTERPRISE-PRINCIPAL logic is handled then...
Incidentally I've been having a conversation with another person that ran into a rather similar issue. The PR #271 gives you at least an escape hatch to work around this...
Calling `RenewTicket()` actually only renews the TGT, which isn't especially helpful in this case. A new API could be added that accepts an indicator to a specific ticket instead and...
I wouldn't recommend clearing the TGT. A simpler approach might be to just modify the cache behavior so it drops the ticket if it's going to expire in
That's certainly odd. The `client.RenewTickets` property just sets `client.Cache.RenewTickets` which is not used at all in `Krb5TicketCache`. I suspect that line is a red herring. I believe what's happening is...