[Samba] [SamLogon, network] vs [Kerberos KDC, ENC-TS Pre-authentication]
mj
lists at merit.unu.edu
Mon Mar 26 07:25:11 UTC 2018
Hi Andrew,
Thanks for the response.
On 03/26/2018 09:13 AM, Andrew Bartlett via samba wrote:
>> - SamLogon,network is an interactive logon, so a user typing a password
>> on a windows domain joined workstation
>
> No, that would be SamLogon,interactive.
>> - Kerberos KDC,ENC-TS Pre-authentication is something like: an already
>> logged on user accessing another server within the same AD doain
>
> No, that is most likely a user getting their first ticket on logon.
So, a follow-up question if I may:
In what case would "a user getting their first ticket on logon" fail..?
Suppose the samLogon,interactive succeeded, why would "user getting
their first ticket on logon" fail..? What would the scenario be, there..?
> I'm glad to hear you are making good use of the audit log feature.
We like it a lot, yes :-)
MJ
More information about the samba
mailing list