how does the domain logon works?

Gerald Carter cartegw at Eng.Auburn.EDU
Mon Feb 22 14:06:40 GMT 1999

> 1. where can i find information about the LSA API 
> (documentation for all the functions) and for the
> SAM API? (lsasrv.dll, samlib.dll, samsrv.dll).

Don't know if they are.  If anywhere, check the 

> 3. where can i get NetMonitor? is it on the sdk? in 
> the resource kit?

SMS CD's or the Windows NT Server CD.  SMS is better.

> 5. each machine in a domain owns a SID right? that SID is given by the  
> NT PDC? i read some MDSN documentation and it says that for a user to  
> log on three steps are accomplished:
>         1. discovery of a PDC to validate the user
>         2. creation of a secure channel
>         3. pass-through authentication
> 1 is ok, now in 2, what does it means? when a user in a certain  
> workstation wants to log on  to a NT PDC, the workstation MUST be a  
> domain member right? if it isn't, NETLOGON will refuse the connection,  
> right?.
> so, the workstation is a member of a DOMAIN, now workstation sends to  
> NETLOGON a username of MACHINE$ and a password of MACHINE$ 
> to create the secure channel? is that right? the password 
> is always MACHINE$? you can't change it? the only thing 
> authenticated is this username/password  
> and not the worstation SID?.

The password is initially set to 'machine' which is the 
machine NetBIOS names in lower case.  Upon joining the 
domain, the password is changed to some random value. 

                            Gerald ( Jerry ) Carter	
Engineering Network Services                           Auburn University 
jerry at   

       "...a hundred billion castaways looking for a home."
                                  - Sting "Message in a Bottle" ( 1979 )

More information about the samba-ntdom mailing list