Kerberos using JAAS and SMB protocol

java server-message-block kerberos
  1. The Kerberos negotiation and the SMB negotiation are separate. There is no (reasonable) way for the KDC to know the version of SMB used by either the SMB client or server. At most the KDC can make a reasonable guess as to the service/protocol being accessed/used (cifs/server.example.com vs nfs/server.example.com vs HTTP/server.example.com. host/server.example.com overloaded, but tends to only be a few things, none of them SMB, that's the cifs one), but that's really about it.
  2. N/A
  3. Don't use old key types, though that's more of a general kerberos rule. (The AES ones should be enough, though I tend to also keep the camellia varieties around.) Not sure what JAAS uses by default, but it's probably worth checking you're not still using DES/3DES/RC4.

Related

Sending a file to a remote clamd instance
ROute vom AWS to Azure website without changing the domain
What happens if i have both A record and CNAME record on my domain
Where is my memory being consumed? [duplicate]
LAN cable-tester's LEDs fire at 3 and 6 (without passive side attached)
C drive shows as full, despite not being full [closed]
For redirected domains, what DNS records are required?
DTO or Domain Model Object in the View Layer?
What is "android.R.id.text1"?
HTTPS login with Spring Security redirects to HTTP
Understanding the difference between null and '\u000' in Java
Why is a "bindingRedirect" added to the app.config file after adding the Microsoft.Bcl.Async package?