I have one server it has always sync with KDC. So I will get that system time from server for my client machine and use it in Kerberos Protocol exchange. I think it is possible where ever Kerberos Client Protocol referring local machine time (Client machine) I can use this time to generate tkt's instead of updating client system time.
I will do NTP client work but I will not update System. So when ever client sends KRB_AP_REQ plain message it can will contain Timestamp this may be client machine current time in this place I can use my Server machine time. Regards, Eswar S **************************************************************************** **************************** This e-mail and attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient's) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it! ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
