[31619] in Kerberos
Re: SASL binding with SSL encryption
daemon@ATHENA.MIT.EDU (Ryan Lynch)
Tue Oct 27 11:14:47 2009
MIME-Version: 1.0
In-Reply-To: <D8C9BC7FFCF8154FB7141EB8DB609C172F0F1942BA@SGPAPHQ-EXSCC01.dc01.fujixerox.net>
From: Ryan Lynch <ryan.b.lynch@gmail.com>
Date: Tue, 27 Oct 2009 11:13:54 -0400
Message-ID: <115906d10910270813u222f3f86kfe19050446d66ea7@mail.gmail.com>
To: "Xu, Qiang (FXSGSC)" <Qiang.Xu@fujixerox.com>
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
On Tue, Oct 27, 2009 at 01:56, Xu, Qiang (FXSGSC)
<Qiang.Xu@fujixerox.com> wrote:
> Still, in testing against AD in Windows 2003 Server (or Windows 2000 Server), the binding result is good and bad alternatively, exhibiting a pingpong style. In contrast, if I do the same test against AD in Windows 2008 Server, the binding is always good.
A suggestion, from my past experiences: Have you confirmed that your
"ping-pong" results are always coming from the same AD domain
controller? If not, try tracing the packet traffic, or just increasing
your client-side debug verbosity. If the success vs. failure results
can be correlated to different DCs, this may be a configuration issue
on one of your DCs.
-Ryan
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
