Re: Initial IPSEC policy
From: Chris (chris_at_dev.nul)
Date: 01/28/04
- Previous message: RG: "User Properties"
- In reply to: Harald Haitsma: "Initial IPSEC policy"
- Next in thread: Harald Haitsma: "Re: Initial IPSEC policy"
- Reply: Harald Haitsma: "Re: Initial IPSEC policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 27 Jan 2004 16:28:51 -0800
No this is still the same in XP and 2003. You are referring to
http://support.microsoft.com/default.aspx?kbid=254949
Non-domain members could never join the domain if your DC's required
kerberos authenticated IPSec communication across the board.
Chris Weber
"Harald Haitsma" <haraldhaitsma@hotmail.com> wrote in message
news:eDS$53Q5DHA.2540@TK2MSFTNGP11.phx.gbl...
> I Have a Win2003 Domain with only WinXP clients.
>
> On a Win2000 Server i read following:
> Using IP Security (IPSec) to protect traffic from a non-domain member to
the
> domain controller is currently not supported in Windows 2000 because it is
> not possible for non-domain computers to get the initial IPSec policy from
> the domain controller once a domain controller (DC) requires IPSec to
> communicate, and because non-domain member computers cannot use Kerberos
as
> the IPSec/IKE authentication method to authenticate IKE with their domain
> controller and with trusted domain controllers on the domain in all cases.
>
> Is this changed within XP and 2003?
>
> Thxs
>
>
>
- Previous message: RG: "User Properties"
- In reply to: Harald Haitsma: "Initial IPSEC policy"
- Next in thread: Harald Haitsma: "Re: Initial IPSEC policy"
- Reply: Harald Haitsma: "Re: Initial IPSEC policy"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
