Re: s4u2proxy
- From: "Joe Kaplan \(MVP - ADSI\)" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 8 May 2006 21:44:39 -0500
What happens if you use the constructor that just takes the UPN? I'm not
actually sure what the second parameter does in the other constructor (docs
are very vague), but the I know you can do S4U login with the other one.
Another thing you might consider is using NegotiateStream instead of calling
AcquireCredentialsHandle/InitSecurityContext directly, but I'm not sure that
makes a big difference. It should just be easier.
Joe K.
"pmoore" <pmoore@xxxxxxxxxxxxx> wrote in message
news:FC833A5B-01EB-43E5-A3C9-4AAE6BA67376@xxxxxxxxxxxxxxxx
I want to access a remote service using creds obtained via protocol
transition.
I get the s4u user creds fine (WindowsIndentity("joe", "Kerberos"))
I impersonate
the I call AcquireCredentialsHandle (becuase I want to do InitSecContext
next)
The Call fails with 80090305 - unknown security package ("Kerberos"), the
call works fine if I take out the impersonate, (but then I am running as
the
local user not joe)
.
- Prev by Date: Black Hat class: Advanced Asp.Net Exploits and Countermeasures
- Next by Date: Re: X.509 - Create Programmatically
- Previous by thread: Black Hat class: Advanced Asp.Net Exploits and Countermeasures
- Next by thread: Re: s4u2proxy
- Index(es):
Relevant Pages
|
