From 7679cb3fa862bec4d0f7ad607f7d8d100973de3d Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Fri, 15 Aug 2014 21:36:35 +0100 Subject: docs: Added Kerberos V5 and NTLM domain information to --user --- docs/curl.1 | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/docs/curl.1 b/docs/curl.1 index 30c18763a..ebacfa243 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -1627,6 +1627,19 @@ The user name and passwords are split up on the first colon, which makes it impossible to use a colon in the user name with this option. The password can, still. +When using Kerberos V5 with a Windows based server you should include the +Windows domain name in the user name, in order for the server to succesfully +obtain a Kerberos Ticket. If you don't then the initial authentication +handshake may fail. + +When using NTLM, the user name can be specified simply as the user name, +without the domain, if there is a single domain and forest in your setup +for example. + +To specify the domain name use either Down-Level Logon Name or UPN (User +Principal Name) formats. For example, EXAMPLE\user and user@example.com +respectively. + If you use a Windows SSPI-enabled curl binary and perform Kerberos V5, Negotiate or NTLM authentication then you can tell curl to select the user name and password from your environment by specifying a single colon with this -- cgit v1.2.3