Automatically locating domain controller

Jeremy Allison jallison at cthulhu.engr.sgi.com
Fri Oct 1 19:30:30 GMT 1999


Towers, Tim (London) wrote:

> Our support teams would like a single smb.conf that can be
> used as a default world-wide. (allowing for a minimal
> modification of the "workgroup=" field)
> 
> This means that you're stuck for what to put in your
> "password server=" field.
> 
> If there was a %D substitution for workgroup/domain
> then "password server = $d.ntpdc.whatever" could be
> used to automatically configure it using DNS, but better,
> the original samba mailing list article indicated that
> there was an automatic configuration method in the
> wings.

Ok - this is doable by querying for a DOMAIN<1c> (group)
name and then attempting to use the list of IP addresses
returned in order as a password server.

Hmmmmm. The question is, do we do this on smbd startup,
or should we do this on first client connect (better as
it allows flexibility w.r.t smb.conf include files, but
potentially may cause timeouts on connect if the WINS server
is slow to respond) ?

Also, this does mean that Samba will treat as a password
server any machine that can successfully register a 1C
name. I haven't done this yet as it bugs me that there is
no security in name registration. I know this is what NT
does, but what worries me is the following scenario.

1). Evil Hacker (tm) crashes the real NT PDC (quite easy I'm
afraid if it has a TCP port 139 open).

2). Evil Hacker (tm) sets their own laptop up as a logon
server and registers the 1C name for the domain (which they
can now do as the PDC is down).

3). Evil Hacker (tm) uses smbclient to connect as user "root"
to a Samba server, and sets his own laptop to allow any password
authentication for the user "root"......

4). Trouble follows........

This is why I haven't added this feature yet. The current
password server code could be hacked this way if the name
resolution is set to use a NetBIOS name resolution (wins,
bcast) but cannot if it is set to use dns. This new feature
would *always* be hackable in this way.

Any comments, thoughts ?

Cheers,

	Jeremy Allison,
	Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
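
An added example (not part of the original post and not Samba code): a check over an smb.conf that reports "password server" entries given by name while NetBIOS resolution (wins, bcast) is enabled, the case the message describes as exposed to a spoofed name registration. The sample configurations and the default resolve order used when the parameter is unset are assumptions constructed for illustration.

```python
import ipaddress

NETBIOS_METHODS = ("wins", "bcast")                # unauthenticated name sources
ASSUMED_DEFAULT_ORDER = "lmhosts host wins bcast"  # assumption when unset

def parse_global(text):
    """Return the [global] parameters of an smb.conf as a dict."""
    params, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "global" and "=" in line:
            key, value = line.split("=", 1)
            # normalise case and spacing so "Name  Resolve Order" also matches
            params[" ".join(key.lower().split())] = value.strip()
    return params

def is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def audit(text):
    """Return (server, netbios_methods) for each password server that is
    named (not an IP literal) while wins/bcast resolution is enabled."""
    params = parse_global(text)
    order = params.get("name resolve order", ASSUMED_DEFAULT_ORDER).lower().split()
    netbios = [m for m in order if m in NETBIOS_METHODS]
    servers = params.get("password server", "").replace(",", " ").split()
    return [(s, netbios) for s in servers if netbios and not is_ip(s)]

# Constructed sample configurations (not from the original post).
WEAK = """
[global]
   workgroup = EXAMPLEDOM
   password server = ntpdc1 ntpdc2
   name resolve order = lmhosts wins bcast
"""
# "host" is the smb.conf keyword for hosts-file/DNS lookups.
HARDENED = WEAK.replace("lmhosts wins bcast", "lmhosts host")

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit(conf))
```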


More information about the samba-technical mailing list