this post was submitted on 19 Sep 2023
28 points (71.9% liked)
Technology
59197 readers
3191 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
You need a chapter on "Microsoft and Kerberos". They adopted Kerberos for Active Directory and at the same time literally wrote the Kerberos RFC saying specifically how to use it across a large enterprise.
Then they didn't implement it that way.
They intentionally made it so that Active Directory doesn't follow the Kerberos standard they they wrote. So if you follow the standard you won't actually be compatible with Active Directory. It's one of their more subtle, "Embrace Extend Extinguish" maneuvers. Most people don't know about it because the only company impacted at the time was Novell (and they won their legal stuff against Microsoft... with a settlement).
do you happen to have a link? this sounds very much like Microsoft's tactics yeah