I am having issues with Kerberos and Windows 7. It works great with Windows XP but I can’t figure out why it is not working in Windows 7. I have a Active Directory Domain setup called cpo.washington.edu. We use Kerberos to login into the domain with user mappings from the Kerberos realm u.washington.edu. We are using a Kerberos Cross-Realm authentication where we map a user from the Kerberos realm to the Windows Domain. Which is UWs central user repository. So when a user logins on their computer they are using Kerberos. So when I login I use bob@u.washington.edu it maps me to my bob@cpo.washington.edu account. This works great in Windows XP. So if I lock my computer screen in Windows XP it asks me for my bob@u.washington.edu password since that is the user I logged in as. In Windows 7 I can login using bob@u.washington.edu. But if I lock my computer it asks for my password for my bob@cpo.washington.edu account. This causes problems because users don’t actually know their CPO password. Kerberos is working since I am able to login as bob@u.washington.edu but I am not sure what is going that wants me to unlock the computer as bob@cpo.washington.edu. More information about how the Kerberos Cross-Realm Trust is setup from UW. http://www.netid.washington.edu/documentation/domains/crossRealm.aspx

Hi, Which domain did these computers join? Also, you may try click Other Users on the locked screen, then log in as bob@u.washington.edu to unlock the computer. Additionally, see whether the following link helps. http://blogs.msdn.com/b/sfu/archive/2009/03/27/can-i-set-up-user-name-mapping-in-windows-vista.aspx Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”

The computer is joined to the cpo.washington.edu domain. It doesn't give me an option to login as anyone but bob@cpo.washington.edu

Hi, Click Switch Users=>Click Other Users=>Log in as bob@u.washington.edu to unlock the computer.Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.