For additional information about the latest service pack for Windows 2000, click the article number below to view the article in the Microsoft Knowledge Base:
Previous to the change that is described in the "Summary" section of this article, programs could use the Win32 LsaCallAuthenticationPackage API specifying KERB_RETRIEVE_TICKET_REQUEST and either KerbRetrieveEncodedTicketMessage or KerbRetrieveTicketMessage message types to retrieve a Kerberos ticket-granting-ticket (TGT) and the associated session key.
The registry value to include a session key in the TGT:
Value Type: REG_SZ
Value Range: 0 or 1 (default of 0)
- 0: The KerbRetrieveEncodedTicketMessage response will not include a session key that allows this TGT to be used for logon.
- 1: Indicates that a session key should be returned with the TGT according to current behavior.
Article ID: 308339 - Last Review: Jun 9, 2009 - Revision: 1