From the course: macOS for IT Administrators
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Accessing Kerberized services - Mac OS Tutorial
From the course: macOS for IT Administrators
Accessing Kerberized services
- [Instructor] Our client wants to use the mail application to authenticate to mail, and the mail service is Kerberized. The client already has a TGT from the KDC as seen earlier, so it uses that ticket-granting ticket in the process of authenticating the mail service. The client begins by creating an authenticator. The authenticator includes the username, client IP address, and the current time. It encrypts this with the session key it received from the KDC and then creates the service request. The service request contains the KDC-encrypted TGT, the session key encrypted authenticator it just created, and the name of the service it is requesting access to. The client sends the service request containing those three elements to the KDC. Now the KDC receives the service request. The service request is not encrypted, but contains the encrypted TGT, the encrypted authenticator, and the name of the service requested. It decrypts the…