Vampire against 2k domain

Andrew Bartlett abartlet at
Tue Apr 27 04:00:46 MDT 2010

On Mon, 2010-04-26 at 13:08 -0600, Cam Thompson wrote:
> Hello List;
> First time posting here - some of you know me as plaerzen from irc - I'm
> hoping to be an early adopter in a production environment with a Win2k
> domain.  I've been trying for some time now to vampire a win2k domain with
> limited success.  Please be gentle :)

So, my guess at this point is some really weird Kerberos bug, because
the failure you get (on being given more detail) is on the TGS reply -
ie we have been given a ticket, which we can't decypt (but we could
encrypt the request for it fine). 

When I get the .pcap file I'll look for more odd details that may give

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list