Hello, everyone:
I have some questions for the auth process. When the user get the tgt, it then
send a request to the TGS in which it tell TGS the service principal it want to
access. I have two questions here. First, how does the user know the service
principal, I think it only know the service it want to access. Second, why the
SPN must be service/[email protected], if the user know the service principal,
like [email protected]. it just request a ticket for it, then send the ticket to
the service, then it can access to it. What I misunderstood here?
________________________________________________
Kerberos mailing list [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos
