Why use krb5_set_real_time() instead of NTP ?

Luke Howard lukeh at padl.com
Wed May 10 05:21:26 GMT 2006

>Yes, it is dealing with an unsynchronised clock between itself and the
>KDC.  Yes, the admin should have the clocks in sync.  Windows AD
>networks run something almost but not entirely like NTP automatically to
>avoid this problem.  

Windows clients use SNTP, the key id is the machine account's RID and
authenticator is the MD5 digest of the NT OWF and the NTP packet.

-- Luke


More information about the samba-technical mailing list