Authentication

Previous Topic Next Topic

Preauthentication

By default the KDC requires all accounts to use preauthentication. This makes offline password-guessing attacks very difficult. However, preauthentication can be disabled for individual accounts when this is necessary for compatibility with other implementations of the protocol. To disable preauthentication, right-click the User object in Active Directory Users and Computers. Click Properties, and then click the Account tab. In the Account options list, check Do not require Kerberos preauthentication.

© 1985-2000 Microsoft Corporation. All rights reserved.