Citrix Metaframe demystified

Andy Polyakov appro at
Wed Feb 3 13:17:50 GMT 1999

Hello, everybody!

As several of you pointed out SAMBA PDC drives Windows NT Terminal
Server Edition (TSE) with Citrix Metaframe nuts. I was fortunate enough
to have two TSE+Metaframe boxes in the house, one talking to NT Server
PDC and one talking to SAMBA PDC:-) so that I had the chance to trace
and compare network traffic going on betweem TSE and PDC during logon
sequence. Here is what I've managed to figure out. Unlike plain NT
Workstation TSE+Metaframe box at some point attempts to connect to
PDC's \winreg pipe (remote connection to registry, right?) in order to
query System\CurrentControlSet\Control\Citrix\UserConfig\jdoe and then
InheritAutoLogon keys. Now the difference in behavior of NT PDC and
SAMBA PDC (in my place) appears to be that NT PDC returns
NT_STATUS_ACCESS_DENIED (notorious "limit remote access to registry"
from every security advisory), while SAMBA grants access and returns a
value that winlogon.exe obviously fails to interpret as it crashes with
exception C0000005 (I myself have no clue about the number, but I bet
it's kind of SEGV) according to the Event Viewer. In order to confirm
my assumption I've attempted to totally disable \winreg in SAMBA in
following manner:

*** source/smbd/nttrans.c.orig  Tue Dec  8 19:33:09 1998
--- source/smbd/nttrans.c       Wed Feb  3 11:40:16 1999
*** 45,51 ****
--- 45,53 ----
+ #if 0
+ #endif
Ta-da! I can now login on TSE as SAMBA domain user!

Once again I want to point out that the patch above is just something I
did in order to back up my analysis of network traces. No more, no

Cheers. Andy.

More information about the samba-ntdom mailing list