Kerberos klist delays but only for some accounts (on Cisco AnyConnect VPN)

S

sphar

Hi All,While connected to a Cisco AnyConnect VPN session on my laptop from home to the workplace, I note the following behaviour for some accounts.ADDS related TCP/UDP ports are open/listening 135 RPC, 389 LDAP, 88 Kerberos, 123 NTP, LDAPS 636, GC 3268,3269, SMB 445 etcFirewall is on no dropped packets.Example 1:If an active directory account has a DitinguishedName attribute like: CN=TestAccount klist immediately shows me tickets I can browse / access windows server shares setspn -L TestAccount Registered ServicePrincipalNames for CN=TestAccount ,CN=Users,DC=domain,DC=com:Example 2: However, I

Continue reading...
 
Back
Top Bottom