[cifs-protocol] How to validate the PAC in NETLOGON
abartlet at samba.org
Fri Aug 8 08:07:28 GMT 2008
In MS-APDS 18.104.22.168 is claims that the client will send to the server the
PAC signatures (but not apparently the whole PAC), and that the NETLOGON
server (on the DC) must verify them.
How is it meant to verify the signatures, if it does not have the PAC to
verify checksum over?
Also, is there a command I can run on windows to cause this NETLOGON pac
validation to happen? (The document could do with a worked example
here, and in the PAC document).
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/cifs-protocol/attachments/20080808/f3effabc/attachment.bin
More information about the cifs-protocol