[cifs-protocol] KVNO of trusts
Andrew Bartlett
abartlet at samba.org
Wed Sep 3 04:12:53 GMT 2008
How do I determine what Key Version Number (kvno) to assign to trusted domain entities in the KDC?
For normal users, we have msDS-KeyVersionNumber, but as per our previous
discussions, trusts do not need cn=user type objects for
interoperability (I point I dispute, but regardless). So, what is the
source of the key version number for these principals?
(Is it the 'for NETLOGON use' version number in the trustAuthIncoming
and trustAuthOutgoing attributes, for example?)
Thanks,
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080903/557b9e2f/attachment.bin
More information about the cifs-protocol
mailing list