NT user authentication
Phil Cox
pcc at llnl.gov
Wed Dec 2 16:26:56 GMT 1998
At 12:18 AM 12/3/98 +1100, Andrej Borsenkow wrote:
>I got this from a book on NT networking. Can anybody please comment on this?
>This describes, how member of NT domain verifies remote logon request
>
>1. check (domain,user) with DC. If O.K. log user on as (domain,user)
>2. check user against local user database. If O.K., log on as local user
This would only happen if there was no domain associated with the user in
the logon request. I.E. when the explorer pops up the username/password
dialog box if I just enter a user name, then the server will check it's own
SAM database, but if I put the username in the form of domain\user, then
the server would do #1. It is my understanding that 1 & 2 are mutually
exclusive (except when a the domain is NULL). NULL domains are usually seen
in downlevel clients. Take a look at MS KB article Q103390.
Phil
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Computer Incident Advisory Capability (CIAC) Philip C. Cox
(510)422-8193 (510)422-8564
ciac at llnl.gov pcc at llnl.gov
-------------------------------------------------------------------
PGP fingerprint = 1A97 AB44 406A 77B7 3EA8 3B5B E3B5 BE73
Noteable Quote = "Do today what you want to be tomorrow."
More information about the samba-ntdom
mailing list