[cifs-protocol] Kerberos Constrained-Delegation in RODC environment - TrackingID#2108090040003380
Isaac Boukris
iboukris at gmail.com
Mon Sep 6 14:48:45 UTC 2021
Hi Sreekanth,
I've taken the debugs and collected the event-log error, and have
uploaded all the files.
The event-log error says: "During TGS processing, the KDC was unable
to verify the signature on the PAC from apache. This indicates the PAC
was modified."
So the question still stands: why can't the KDC check the
RODCIdentifier and fetch the right key to verify the KDC signatures.
Regards
More information about the cifs-protocol
mailing list