Doubts on Extended Protection for Authentication
Hi All, What is use of "Extended Protection for Authentication". Where i should configure this setting(both client and server) .Do we need to install Microsoft Security Advisory (973811) on both client and Server.Doubt :1) To work with "Extended Protection for Authentication" SPN is mandatory ?2) How credential will forward after the installation of this Advisory (973811)?Thanks,
October 27th, 2009 4:23pm
Hi, Regarding your questions: 1. Based on the article below, SPN is a must. Integrated Windows Authentication with Extended Protection http://msdn.microsoft.com/en-us/library/dd639324.aspx 2. The forward of credential should be the same since its mainly a enforcement of IWA. Above article also mentioned that. Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
October 29th, 2009 11:31am
Thank u for your information. This will helpful for me to understand more .I gone through some paragraph. I found two things,
1)A Channel Binding Token or CBT.2) Service Binding information in the form of a Service Principal Name or SPN.My doubt(Because of above two point i am getting below doubts)1) Do need to install Microsoft Security Advisory (973811) to both server and client?
Thanks...
October 29th, 2009 11:44am
Hi, Based on the kb960859, we need install the update on both client and server computers: "How do I enable Extended Protection on my computer? Before you enable Extended Protection, make sure that the following update is installed on both the client and server computers: 968389 Extended Protection for Authentication" Thanks. This posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
November 2nd, 2009 11:03am


