[20145] in Kerberos_V5_Development
Oracle ODP.NET use of MIT KfW
daemon@ATHENA.MIT.EDU (Scot McKinley)
Fri Jul 24 17:09:17 2020
To: krbdev@mit.edu
From: Scot McKinley <scot.mckinley@oracle.com>
Message-ID: <a509a416-3cad-7445-f6c6-659501272aae@oracle.com>
Date: Fri, 24 Jul 2020 13:41:10 -0700
MIME-Version: 1.0
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
Hi, at Oracle we have a client DB adapter called ODP.NET Managed and
Core that uses MIT KerberosforWindows (KfW) in order to use Kerberos
based credentials to authenticate to the DB.
I have a couple of questions in reference to this product's use of KfW:
* The announcement pages for the KfW have quoted support for the exact
same Windows versions for at least 7 years, probably longer. The below
statement has been exactly the same for versions 4.0.1, 4.1 AND the new
4.2beta1. Can we get it updated?
"KfW is supported on Windows Vista (SP2 required), Windows 7, Windows 8,
Windows Server 2003, and Windows Server 2008."
* The Microsoft Credential Guard blocks acquisition of windows domain
based TGTs, thus blocking MSLSA based KfW credential acquisition. Has
this been addressed in 4.2beta1 or are there plans to address it (eg, by
switching to a SSPI based credential acquisition)?
Thanks,
Scot McKinley
Consulting Member of Technical
ODP.NET Network and Security
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
