saggar wrote: > On Apr 29, 4:43 pm, JC Ferguson <[email protected]> wrote: >> I have found the change not necessary in the MIT library. I've seen tokens >> as large as 24k from MS AD domain controllers. >> >> -jc >> >> ----- Original Message ----- >> From: [email protected] <[email protected]> >> To: [email protected] <[email protected]>; [email protected] <[email protected]> >> Sent: Thu Apr 29 07:30:52 2010 >> Subject: Impact of "MS AD Kerberos token size" change >> >> Is MIT kerberos implementation dependent on Microsoft AD Kerberos Token Size >> ? If a user changes the default size from 12K to 64K . does it needs a >> change in kerberos also ? >> >> -- >> Regards >> Sunil Saggar >> _______________________________________________ >> krbdev mailing list >> [email protected]https://mailman.mit.edu/mailman/listinfo/krbdev > > I would like to understand how this token is used and how MIT library > is not dependent on it. Will appreciate code_pointers/documentation. >
Google for: Microsoft kerberos PAC The PAC has UUIDs and GUIDs for the user, and is used in a domain for authorization. A normal kerberos ticket might be less the 500 bytes. The other 23.5k of the ticket is the PAC. > -S > ________________________________________________ > Kerberos mailing list [email protected] > https://mailman.mit.edu/mailman/listinfo/kerberos > > -- Douglas E. Engert <[email protected]> Argonne National Laboratory 9700 South Cass Avenue Argonne, Illinois 60439 (630) 252-5444 ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
