Re: Using Kerberos in Windows 2000 Clustering
From: Mike Rosado [MSFT] (mikeros_at_online.microsoft.com)
Date: 09/20/04
- Next message: John Collins: "Node Time Differential"
- Previous message: Julia: "can NLB do this:?"
- In reply to: Shaun Rumbelow: "Using Kerberos in Windows 2000 Clustering"
- Next in thread: Shaun Rumbelow: "Re: Using Kerberos in Windows 2000 Clustering"
- Reply: Shaun Rumbelow: "Re: Using Kerberos in Windows 2000 Clustering"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 20 Sep 2004 07:01:25 -0500
Hi Shaun,
As stated in the following article, clients prior to Windows 2000 do not
support Kerberos. Because Kerberos was implemented as of Windows 2000 SP3
and later.
299656 How to prevent Windows from storing a LAN manager hash of your
password
http://support.microsoft.com/?id=299656
I'm by no means an expert in this subject matter of Exchange, but I'll try
to assist you to the best of my ability. My understanding is that Exchange
does support Kerberos if it's installed or client OS are Windows 2000 SP3
and greater.
-- Hope this helps, Mike Rosado Windows 2000 MCSE + MCDBA Microsoft Enterprise Platform Support Windows NT/2000/2003 Cluster Technologies ==================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ==================================================== This posting is provided "AS IS" with no warranties, and confers no rights. <http://www.microsoft.com/info/cpyright.htm> -----Original Message----- "Shaun Rumbelow" <shaun.rumbelow@sth.nhs.uk.donotspam> wrote in message news:70B4A9A3-060B-4259-8627-F3B1E416FC9D@microsoft.com... > Hi, > > We have several clusters running Windows 2000 Advanced Server SP3. The > various clusters run Exchange 2000, SQL 2000 and File shares. KB235529 > mentions that the clusters can use kerberos (if turned on) as stated below. I > also believe that Windows 2003 clustering has Kerberos turned on by default - > we are planning to upgrade some of the clusters to Windows 2003 and Exchange > 2003. > > My questions are: > > 1) Can 95 and 98 clients still use the cluster resources such as file shares > - can the clients still use LM rather than Kerberos? If so does this apply to > Windows 2000 and Windows 2003. > > 2) Am I correct in thinking that Exchange 2000 doesn't use kerberos and thus > kerberos couldn't be configured on the cluster servers? Does Exchange 2003 > allow for kerberos and again can 9x clients use this. > > Any help would be appreciated > > KB235529 > "This article describes the Kerberos authentication support for Windows > 2000-based server clusters that has been added in Windows 2000 Service Pack 3 > (SP3). With versions of Windows 2000 earlier than SP3, the Cluster service > does not publish Computer objects for virtual servers in Active Directory. > This means that virtual servers authenticate only by using NTLM or NTLM > version 2. With Windows 2000 SP3, you can configure virtual servers to permit > clients to authenticate by using the Kerberos authentication protocol. If > this is enabled, a Computer object is created for each corresponding Network > Name resource. > > Kerberos authentication for the Network Name resource on which Microsoft > Exchange 2000 depends is not supported on a server cluster. Exchange 2000 was > not tested with the expectation that a cluster virtual server would support > Kerberos authentication; this configuration may not function properly. Future > versions of Exchange Server may take advantage of Kerberos authentication for > server clusters. " > > > -- > Thanks for your help > Shaun Rumbelowshaun.rumbelow@sth.nhs.uk.donotspam
- Next message: John Collins: "Node Time Differential"
- Previous message: Julia: "can NLB do this:?"
- In reply to: Shaun Rumbelow: "Using Kerberos in Windows 2000 Clustering"
- Next in thread: Shaun Rumbelow: "Re: Using Kerberos in Windows 2000 Clustering"
- Reply: Shaun Rumbelow: "Re: Using Kerberos in Windows 2000 Clustering"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
