paul at argo.demon.co.uk
Mon Feb 9 13:23:18 GMT 1998
I thought I'd try and enumerate some of the things that need
doing and hopefully get some volunteers to look into them,
or at least provide comments and pointers on them.
1. A FAQ - There's Luke's home page and some other docs in
samba/docs to be used as a start, but it would be nice
if it was all pulled together to start a regularly
posted FAQ to this list.
2. PDC-BDC replication
We know that all the sensitive parts of the protocol are
encrypted with a known RC4 key, but there are quite a
few RPCs that need investigating and implementing for
PDC-BDC replication (which may also apply to general
replication). These include NetDatabaseSync2() and
NetDatabaseDeltas(), plus some named pipe netbios
"announce change to uas or sam" stuff.
3. Password changing. There seem to be dozens of ways to
do this and the various mechanisms are documented in
some of the cifs documents, microsoft ppp chap extensions,
and other places. NetServerPasswordSet() should be an
easy one that we haven't got around to yet. The nice
one to have would be the CTRL-ALT-DEL password change
one as that provides a plaintext password to the server
in order that it can be quality checked. Decoding that
one means that we can synchronise password databases
with /etc/passwd providing the password is changed on
the NT machine.
4. Web front ends to configuration management data. Until
the whole protocol is implemented, it would be easier
having a front end to new workstation creation,
password changing, etc., so that RPCs for user manager
for domains and others don't all have to be implemented
(plus you get to be able to admin from Unix/Mac/win3.1).
5. Printing. As Luke pointed out, the whole of the spoolss
named pipe subsystem needs to be implemented. This is
quite a job. It would be nice to do so that printer
drivers can be downloaded to workstations as in 95's
PRINTER$ system (I'm assuming NT does this with RPCs).
6. Other subsystems. MS netmon lists R_DRSUAPI, R_INTERNET,
R_LOGON, R_LSARPC, R_REMOTEAUTO, R_RXDS, R_SRVSVC,
R_WINSIF, R_WINSPOOL as MSRPC services. It would be
useful documenting to what extent each is known about,
what exports (dumpbin/exports, quickview) are in the
associated DLLs, etc.
www.ntinternals.com winobj and nthandleex give you
interesting info on which process is handling which
named pipe, i.e. winlogon has the winreg named pipe.
7. Tools. A description of the various tools that can be
used to examine NT and network traffic and lists of
resources with information. e.g. netmon, sourcer,
softice, www.ntinternals.com, msdn, nt resource kit.
For people more comfortable debugging Unix, did you
know that the AT&T port of the NT domain control
system is called Advanced Server for Unix, and the
SCO version of this (AFPS) can be obtained for $20
as part of their educational and personal releases?
8. Migration utilities. "How to migrate from your legacy
NT server to Samba" :-). A step by step process on
extracting the domain SID, user information with
pwdump or pwdump2 (Todd Sabin's program that extracts
password hashes even after SYSKEY has been installed
by injecting a DLL into lsass.exe) and how to
structure this into smb.conf.
Anything else people would like to see?