skelsec / msldap

LDAP library for auditing MS AD
Other
364 stars 65 forks source link

Kerberos auth with other forest #39

Open enj5oy opened 11 months ago

enj5oy commented 11 months ago

Hi! I have foresta.contoso.local and forestb.contoso.local. I need login with admin@foresta.contoso.local to dc1.forestb.contoso.local msldap ldap+kerberos-ccache://foresta\admin:admin.ccache@dc1.forestb.contoso.local/?dc=192.168.2.1 I got error KDC_ERR_WRONG_REALM

skelsec commented 11 months ago

Hello, I'm aware of this issue which is a limitation of my mimikerberos library. It is begin updated, and will be pushed in a new release soon(ish)

enj5oy commented 11 months ago

Hello, I'm aware of this issue which is a limitation of my mimikerberos library. It is begin updated, and will be pushed in a new release soon(ish)

Thanks for your work!

skelsec commented 10 months ago

Hello again. If you install the latest asyauth from git or pip, you will be able to perform this auth avenue!

enj5oy commented 10 months ago

Thanks, i will try this on engagement

enj5oy commented 6 months ago

@skelsec I have ticket to child.contoso.local\lowpriv user and can connect to dc1.contoso.local(192.168.0.3) I try connect with msldap (asyauth==0.0.20) 2024-05-02_08-11

With impacket ticket work 2024-05-02_08-14