thr3ads.net - samba - [Samba] Passthrough Authentication, DC Authentication and Signing [Apr 2010]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Johnny Kimble

2010-Apr-01 15:54 UTC

[Samba] Passthrough Authentication, DC Authentication and Signing

Hello all,

How does a CIFS server sign messages in a situation where the CIFS server does
 not know the password of the user? For example, in a situation where the CIFS 
server has to communicate with a domain controller.

I've looked into this and I've a feeling the answer might lie in the GSS
API.
But I'm not sure exactly how the CIFS server uses it to sign a message.

Can a CIFS server ask a domain controller for a Message Authentication Code (or 
ntlmv2 repsonse or whatever is required) for a particular client, and then use 
that sign all subsequent communication with that client?

Thanks,
JK

samba - Apr 2010 - Passthrough Authentication, DC Authentication and Signing

[Samba] Passthrough Authentication, DC Authentication and Signing