Monthly Archives: March 2012

Kerberos in an Active Directory forest trust vs. external trust

As outlined in the MS Technet article, the “Kerberos Authentication Process Over Forest Trusts” works as follows: 1.User1 logs on to Workstation1 using credentials from […] [childx.rootx.tld]. The user then attempts to access a shared resource on FileServer1 located in … Continue reading

Posted in Active Directory | Leave a comment

Troubleshooting Kerberos-Authentication and UDP packet size

When windows initiates a Kerberos authentication over user datagram packages (UDP), the following network communication occurs: 1.    The Kerberos client requests a Ticket Granting Ticket (TGT) from the Domain Controller, respectively the Key Distribution Center (KDC). 2.    The KDC replies … Continue reading

Posted in Active Directory | 2 Comments

The PXE boot process and SCCM OS deployment

When a client boots from the network over PXE in a Microsoft SCCM environment, the following procedure takes place: The PXE client broadcasts an EXTENDED DHCPDISCOVER package (containing the DHCP option 60) from port 68 and both, the DHCP and … Continue reading

Posted in System Center Configuration Manager | 5 Comments