Todo list

Paul Ashton paul at
Mon Feb 9 13:23:18 GMT 1998

I thought I'd try and enumerate some of the things that need
doing and hopefully get some volunteers to look into them,
or at least provide comments and pointers on them.

1. A FAQ - There's Luke's home page and some other docs in
   samba/docs to be used as a start, but it would be nice
   if it was all pulled together to start a regularly
   posted FAQ to this list.

2. PDC-BDC replication
   We know that all the sensitive parts of the protocol are
   encrypted with a known RC4 key, but there are quite a
   few RPCs that need investigating and implementing for
   PDC-BDC replication (which may also apply to general
   replication). These include NetDatabaseSync2() and
   NetDatabaseDeltas(), plus some named pipe netbios
   "announce change to uas or sam" stuff.

3. Password changing. There seem to be dozens of ways to
   do this and the various mechanisms are documented in
   some of the cifs documents, microsoft ppp chap extensions,
   and other places. NetServerPasswordSet() should be an
   easy one that we haven't got around to yet. The nice
   one to have would be the CTRL-ALT-DEL password change
   one as that provides a plaintext password to the server
   in order that it can be quality checked. Decoding that
   one means that we can synchronise password databases
   with /etc/passwd providing the password is changed on
   the NT machine.

4. Web front ends to configuration management data. Until
   the whole protocol is implemented, it would be easier
   having a front end to new workstation creation,
   password changing, etc., so that RPCs for user manager
   for domains and others don't all have to be implemented
   (plus you get to be able to admin from Unix/Mac/win3.1).

5. Printing. As Luke pointed out, the whole of the spoolss
   named pipe subsystem needs to be implemented. This is
   quite a job. It would be nice to do so that printer
   drivers can be downloaded to workstations as in 95's
   PRINTER$ system (I'm assuming NT does this with RPCs).

6. Other subsystems. MS netmon lists R_DRSUAPI, R_INTERNET,
   R_WINSIF, R_WINSPOOL as MSRPC services. It would be
   useful documenting to what extent each is known about,
   what exports (dumpbin/exports, quickview) are in the
   associated DLLs, etc. winobj and nthandleex give you
   interesting info on which process is handling which
   named pipe, i.e. winlogon has the winreg named pipe.

7. Tools. A description of the various tools that can be
   used to examine NT and network traffic and lists of
   resources with information. e.g. netmon, sourcer,
   softice, msdn, nt resource kit.

   For people more comfortable debugging Unix, did you
   know that the AT&T port of the NT domain control
   system is called Advanced Server for Unix, and the
   SCO version of this (AFPS) can be obtained for $20
   as part of their educational and personal releases
   of Unixware?

8. Migration utilities. "How to migrate from your legacy
   NT server to Samba" :-). A step by step process on
   extracting the domain SID, user information with
   pwdump or pwdump2 (Todd Sabin's program that extracts
   password hashes even after SYSKEY has been installed
   by injecting a DLL into lsass.exe) and how to
   structure this into smb.conf.

Anything else people would like to see?

Any comments?

Any volunteers?


