Hi,

Is there a reference anywhere that outlines the different password
salting methods used by different KDCs?

AFAICT AD w/ RC4 doesn't actually use a salt. Heimdal seems to just
use the realm and principal name concatenated together without any
separators.

What does MIT do?

What does Windows 2008 w/ AES use?

Windows 2000?

Do the salt values change depending on the enctype?

I'm interested in knowing to what degree salts can be predicted given
only the information a client preparing to issue an AS-REQ would have.

Ultimately I'm trying to reduce ETYPE_INFO(2) discovery to improve
performance and get rid of annoying Windows "preauthentication failed"
event log errors.

Mike

--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/