Age | Commit message (Collapse) | Author | Files | Lines |
|
we can round-trip all the way back to a server_info structure, not
just a filled in PAC_DATA. (I was worried about generated fields being
incorrect, or some other logical flaw).
Andrew Bartlett
(This used to be commit 11b1d78cc550c60201d12f8778ca8533712a5b1e)
|
|
This makes the PAC we generate match (closely) the PAC generated by my
test win2k3 DC.
Andrew Bartlett
(This used to be commit 6172b1868020ac8e828c375f17f4c33fc40eaca4)
|
|
LOGON_INFO
LOGON_NAME
SRV_CHECKSUM
KDC_CHECKSUM
- w2k3 also don't use the groupmembership array with rids
it uses the othersids array
metze
(This used to be commit 2286fad27d749ebba14f5448f1f635bb36750c9c)
|
|
We now generate the PAC, and can verifiy both our own PAC and the PAC
from Win2k3.
This commit adds the PAC generation code, spits out the code to get
the information we need from the NETLOGON server back into a auth/
helper function, and adds a number of glue functions.
In the process of building the PAC generation code, some hints in the
Microsoft PAC specification shed light on other parts of the code, and
the updates to samr.idl and netlogon.idl come from those hints.
Also in this commit:
The Heimdal build package has been split up, so as to only link the
KDC with smbd, not the client utils.
To enable the PAC to be veified with gensec_krb5 (which isn't quite
dead yet), the keyblock has been passed back to the calling layer.
Andrew Bartlett
(This used to be commit e2015671c2f7501f832ff402873ffe6e53b89466)
|