I found out the difference between authenticating FC2 against a Win2k and a Win2k3 domain. The latter denies non-authenticated users access to read the directory. I can get past it by either opening up 2k3 like 2k does, or adding a user just for this purpose, delegating that function to them, and hard-coding that into the LDAP configuration file. I don't like those options.

Question: Since Win2kX uses Kerberos to authenticate and LDAP for information, why can't I authenticate against Kerberos and use its ticket to get user information from LDAP?

Anyone else seen this? I know Microsoft programmers leave a lot to be desired, but this should all be on the client side. Use Kerberos authentication to grant access to read from LDAP. Did I miss something?

Jim (Probably one of them {in}sane programmers)