programming question: authenticating to a domain controller
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Thu Apr 2 21:38:57 GMT 1998
yes it does work.
you must first do the sub-command lsaquery, followed by the nltest (or
ntlogin) command.
you do not need DES libraries; you will need
http://mailhost.cb1.com/~lkcl/arcfour.c (in the BRANCH_NTDOM version,
which you say you are using).
use a samba BRANCH_NTDOM server with debug level 20 to 30, because you
will get nice pretty output in the log.smb file :-) alternatively, use
NETMON on the nt server.
luke
On Fri, 3 Apr 1998, Jens B. Jorgensen wrote:
> Folks,
>
> I'd like to add authentication into my program and I want to
> authenticate users to an NT domain controller. I used CVS to get the
> latest domain branch of the samba codebase and found that smbclient has
> an 'ntlogin' command. I figured if this works I could cut and paste code
> into my program. However, this code doesn't work. That is to say,
> ntlogin fails to log in. First I needed to add the computer to the
> domain, which I did. Even then I got back a wrong user or password
> status, ie 'NET_SAMLOGON: NT_STATUS_WRONG_PASSWORD'. I tried compiling
> with RC4 support (linked against ssleay libs, generated my own 'arcfour'
> functions), without, and with DES support (which didn't compile for lack
> of a des_encrypt8 function which I couldn't see how to do even using the
> ssl des libs). Is this code supposed to work? As a side note, I'm
> authenticating to an NT4.0 server machine and although I have enabled
> the logging of auth failures (and tested, they do indeed generate
> events) I *never* get a message in the event log about the login
> failure.
>
> --
> Jens B. Jorgensen
> jjorgens at bdsinc.com
>
>
>
<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://www.samba.co.uk" > Samba and Network Consultancy </a>
More information about the samba-ntdom
mailing list