[SAMBA_TNG] netlogond implementation flaw
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Jan 21 00:59:30 GMT 2000
OK, i fixed it. for details, please check
http://samba.org/listproc/samba-cvs.
this was _really_ obscure, but fortunately i was expecting there to be
this kind of problem, so i knew what was wrong from the reliability
failure symptoms.
NOTE NOTE NOTE to cvs main / samba_tng users: give me a couple of hours to
go home, update the portable, get some food, and then update cvs main's
msrpc loopback interface to be compatible with the samba_tng changes i
just had to make.
luke
On Fri, 21 Jan 2000, Luke Kenneth Casson Leighton wrote:
> i created a credential-store database for internal use in samba to fix the
> case where an SMB connection is dropped and reestablished in between
> NetrReqChal / NetrAuth2 and NetrSamLogons.
>
> the database key is "workstation name\0domain name".
>
> this is insufficient.
>
> consider the case where two users of rpcclient log in from the same
> workstation, or two smbd processes wish to verify users' passwords. both
> will use the same database key, and one will overwrite the other's
> credentials, including the session key.
>
> i have a solution: use the pid of the smbd process or rpcclient process in
> the database key.
>
> symptoms: erratic access to SAMBA_TNG files and erratic login access.
>
> give me a few hours to fix this.
>
> thx,
>
> luke
>
>
<a href="mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://samba.org" > Samba Web site </a>
<a href="http://www.iss.net" > Internet Security Systems, Inc. </a>
<a href="http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-ntdom
mailing list