Kerberos Tools
One of the disadvantages of trying to understand the Kerberos protocol using a network protocol analyzer, such as Microsoft Network Monitor, is that virtually everything that goes over the wire between the client and the KDC is encrypted. Some tools are available, however, that enable you to see which tickets have been issued to the client and where they came from. The two tools you will use in this section are from the Windows 2000 Server Resource Kit and are called kerbtray and klist.
kerbtray
kerbtray is a graphical tool that runs in the status area of the desktop next to the time and date icon. kerbtray enables you to list and purge tickets for the current logon session. This is a useful tool for viewing the current Kerberos ...
Get Special Edition Using Microsoft Active Directory now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
