domain_client_validate

Jeremy Allison jallison at whistle.com
Wed Apr 29 16:59:30 GMT 1998


Luke,

	Thanks for all your comments - I hadn't *actually*
finished all the code yet, just committed it, so some of
them are unjustified :-). Note I hadn't yet *announced* it
was working, I just committed it for safe keeping.

> the passwords from smbclient are only LM hash provided, not the NT hash.
> therefore, the test if (lmlen != 24 || ntlen !=24) breaks down when it
> should not.

Let's fix smbclient :-). But I'll also look at fixing it in
domain_client_validate().

> the LUID we don't care about at the moment: however we _should_ internally
> use it as an index into a shared memory table.  this will inform all smbd
> processes that user "xyz" with LUID "NNNN" is "logged in to the domain".
>
> they will then have access rights (as "Domain Users") that can be
> distinguished from other rights.  also, the administrator has the option
> to kick them off in real time, by forcing the smbd daemon to close their
> IPC$ connection to \PIPE\NETLOGON.

Yes I know. The random luid value was what I call a 'hack', maybe
you've used them occasionally :-). Seriously though, you are correct,
I just didn't want to make the exact decision what to put there until
I thought about it some more, so I just punted with a random value
(which I knew wouldn't do any harm) for now.

> your modification to cli_nt_session_open() was to hide the fnum in the
> struct cli_state (which i'm not keen on).  however, you then do
> cli_close(&cli, cli.nt_pipe_fnum) which is inconsistent with the hiding in
> cli_nt_session_open().
>
> this is more of a crime :-)  can you put it one way or the other!

Well, I could always wrap it in a 'cli_nt_session_close()' if it
makes you happier - but that'll only do the same thing. I'll do
it so the pipe gets closed at the same layer as it was opened, ok
(picky, picky - did I offend your object orientation ? :-).

> the "here we get loads of info which we could check things on" - it's
> important to check:
>
> - the ACB_DISABLED flag isn't enabled
> - the ACB_NORMAL flag is true
> - the expiry time on the account hasn't passed
> - anything else that would warrant being a problem / possible security
> hole.

*Very* good point. I'll look at putting some checks here.

Anything else you want to throw bricks at :-) :-) ?

Cheers,


Jeremy

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
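
Added example, not part of the original message and not Samba's own code: a fail-closed version of the account checks listed in the quoted review (ACB_DISABLED clear, ACB_NORMAL set, expiry not passed). The struct, the function name, the status codes and the "0 means never expires" convention are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <time.h>

/* Account control bits; values follow the ACB_* definitions in Samba's headers. */
#define ACB_DISABLED 0x0001u  /* account is disabled */
#define ACB_NORMAL   0x0010u  /* ordinary user account */

/* Hypothetical subset of the user info returned by the domain controller. */
struct acct_info {
    uint32_t acb_info;  /* account control bits */
    time_t   expiry;    /* account expiry; 0 = never expires (assumption) */
};

/* Distinct codes so the caller can log why a logon was refused. */
enum acct_status {
    ACCT_OK = 0,
    ACCT_BAD_INPUT,
    ACCT_DISABLED,
    ACCT_NOT_NORMAL,
    ACCT_EXPIRED
};

/*
 * Fail closed: the logon is accepted only if every condition is
 * positively satisfied. The disabled bit is tested first so that a
 * disabled account is reported as such whatever else is set.
 */
enum acct_status check_account(const struct acct_info *a, time_t now)
{
    if (a == NULL)
        return ACCT_BAD_INPUT;
    if (a->acb_info & ACB_DISABLED)
        return ACCT_DISABLED;
    if (!(a->acb_info & ACB_NORMAL))
        return ACCT_NOT_NORMAL;   /* e.g. a trust or machine account */
    if (a->expiry != 0 && now >= a->expiry)
        return ACCT_EXPIRED;
    return ACCT_OK;
}
```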

