<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">I afraid that it won't work ATM. You
can create JIRA for this though. However I am not sure if it's
priority for us to do that. <br>
<br>
Alternatively you can try to contribute this yourself. Maybe the
only required thing will be to add NTLM OID (
1.3.6.1.4.1.311.2.2.10 ) to the list here
<a class="moz-txt-link-freetext" href="https://github.com/keycloak/keycloak/blob/master/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/impl/SPNEGOAuthenticator.java#L169">https://github.com/keycloak/keycloak/blob/master/federation/kerberos/src/main/java/org/keycloak/federation/kerberos/impl/SPNEGOAuthenticator.java#L169</a>
. However I afraid it likely won't be that easy...<br>
<br>
Marek<br>
<br>
On 28/06/16 17:47, Guy Davis wrote:<br>
</div>
<blockquote
cite="mid:CAAgmn1o2_H=Zsvmg8C1isTXNRjLB8ffTVWm=rTTHWHhY23FZ9w@mail.gmail.com"
type="cite">
<div dir="ltr"><span style="font-size:12.8px">Good day,</span>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">For sake of argument, assume that
someone has set up a MS Active Directory domain with Kerberos
disabled, but NTLM still enabled. In that situation, would a
user browsing to a Keycloak-protected application, with
LDAP+SPNEGO enabled (against that MS AD system) still allow
for Integrated Windows Authentication (auto-login without
prompt) to web application?</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">Thanks much,</div>
<div style="font-size:12.8px">Guy</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px"><re-sending today as same
message yesterday didn't make it through to the list></div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
keycloak-user mailing list
<a class="moz-txt-link-abbreviated" href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/keycloak-user">https://lists.jboss.org/mailman/listinfo/keycloak-user</a></pre>
</blockquote>
<br>
</body>
</html>