summaryrefslogtreecommitdiff
path: root/10kcommit.txt
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2005-10-09 20:32:24 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:39:36 -0500
commit9e5d44d56733f598e0a25ad1e72eccf3267be51a (patch)
tree3d870490a40bbda69246ec22a9a80484e613b06c /10kcommit.txt
parent01d23b0e5454f317c1529fed829d24a32fdcc44d (diff)
downloadsamba-9e5d44d56733f598e0a25ad1e72eccf3267be51a.tar.gz
samba-9e5d44d56733f598e0a25ad1e72eccf3267be51a.tar.bz2
samba-9e5d44d56733f598e0a25ad1e72eccf3267be51a.zip
r10852: Continuation-based programming can become a bit spaghetti...
Initialize a domain structure properly. Excerpt from wb_init_domain.c: /* * Initialize a domain: * * - With schannel credentials, try to open the SMB connection with the machine * creds. Fall back to anonymous. * * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon * pipe. * * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back * to schannel and then to anon bind. * * - With queryinfopolicy, verify that we're talking to the right domain * * A bit complex, but with all the combinations I think it's the best we can * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we * have a signed&sealed lsa connection on all of them. * * Is this overkill? In particular the authenticated SMB connection seems a * bit overkill, given that we do schannel for netlogon and ntlmssp for * lsa later on w2k3, the others don't do this anyway. */ Thanks to Jeremy for his detective work, and to the Samba4 team for providing such a great infrastructure. Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr with all we have. Volker (This used to be commit 3e69fdc07cd76b4bc01b032148609ee4b59b8be7)
Diffstat (limited to '10kcommit.txt')
0 files changed, 0 insertions, 0 deletions