José Ildefonso Camargo Tolosa
2004-May-26 01:47 UTC
[Samba] PAC implementation, under "open" license.
Not sure, I'm reopening an OLD thread here (sorry). I need some answers, looking somewhere I found this: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnkerb/html/MSDN_PAC.asp I'm not sure, I just gave it a brieft read. Can't this be used to include PAC data on a kerberos ticket in order to use the kerberos autentication on win2k/xp? I know that it also requires some things on the ldap server, but This license says: "? 2002 Microsoft Corporation. All rights reserved. Microsoft grants you a perpetual, nonexclusive, royalty-free, world-wide right and license under any Microsoft copyrights in this specification to copy, publish and distribute this specification, and to implement this specification in your products." (...) What do you think? Ildefonso Camargo icamargo@merkurio.com.ve ildefonso_camargo@yahoo.com icamargo@unet.edu.ve
On Wed, 2004-05-26 at 03:48, Jos? Ildefonso Camargo Tolosa wrote:> Not sure, I'm reopening an OLD thread here (sorry). > > I need some answers, looking somewhere I found this: > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnkerb/html/MSDN_PAC.asp > > I'm not sure, I just gave it a brieft read. Can't this be used to > include PAC data on a kerberos ticket in order to use the kerberos > autentication on win2k/xp? > > I know that it also requires some things on the ldap server, but This > license says: > > "? 2002 Microsoft Corporation. All rights reserved. > > Microsoft grants you a perpetual, nonexclusive, royalty-free, world-wide > right and license under any Microsoft copyrights in this specification > to copy, publish and distribute this specification, and to implement > this specification in your products." (...) > > What do you think?Yes, the fuss over the 'PAC licence' is old. Indeed, if they licenced their CIFS documentation under this licence, then we would have many less problems. (And even that licence has changed recently). The problem is, the 'reserved' fields are not reserved, they are used, and we have an idea what they should be in Samba4's netlogon.IDL. Really, there isn't anything stopping us here, we just need to actually handle this. For now, we just ask the DC directly for the information we would otherwise get in the PAC. Andrew Bartlett -- Andrew Bartlett abartlet@pcug.org.au Manager, Authentication Subsystems, Samba Team abartlet@samba.org Student Network Administrator, Hawker College abartlet@hawkerc.net http://samba.org http://build.samba.org http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20040526/9aa77942/attachment.bin