티스토리 뷰

Kerberos 인증 문제가 발생하여  클라이언트와 서버에서 인증 관련 패킷을 수집 해야 한다면 아래와 같이 사전 작업을 미리 한 후 넷몬으로 패킷을 수집하면 좋겠네요^^

1.Make sure that there are no Internet Explorer windows open, and in general close down as many applications as possible so that your network traces are as clean as possible.
2.Start the network capture utility.
3.Clear all name resolution cache as well as all cached Kerberos tickets.
To clear DNS name cache you type in:  IPConfig /FlushDNS
To clear NetBIOS name cache you type in:  NBTStat –R
To clear Kerberos tickets will need KList.exe:  KList purge
4. Launch Internet Explorer and go to the web site.
5. Once the website comes up or error messages are being displayed, go ahead and stop the network capture.

[참고 자료]
Kerberos Authentication problems – Service Principal Name (SPN) issues - Part 1
http://blogs.technet.com/b/askds/archive/2008/05/29/kerberos-authentication-problems-service-principal-name-spn-issues-part-1.aspx

 

TAG
, ,
댓글
댓글쓰기 폼