libsmbclient: Browsing and a URI spec?
Michael B. Allen
mballen at erols.com
Thu Jan 4 09:29:27 GMT 2001
On Thu, Jan 04, 2001 at 09:12:15AM +0100, Simo Sorce wrote:
> ahaaa....
> I suspected a trust relationship!
>
<snip stuff by me>
>
> a piar should be set I think:
> client auth domain =
> client auth server =
>
> as with trust relationship who is actually authenticating you is your
> right domain server, but it will use the "central" domain account by the
> trust relationship.
Actually that's not how I interpreted how authentication is working. I
know from working on jcifs and *many* hours in front of Ethereal/Net
Mon that authenticating a user accessing a share is simply to
send the authenticating domain in the PrimaryDomain field of the
SMB_COM_SESSION_SETUP_ANDX. I _ssume_ that the target server will then
contact the authentication controller(domain controller?) on behalf of the
client and accept or reject the session setup based on it's response. I
do not believe an NT Work Station contacts a third party however I must
admit I never tried an id that differed from the id currently logged
into the target server. So I don't recall seeing the *server* contact
a third party. Mmm, actually I think I have.
At least I know authentication will work without the third party server
information so 'client auth server =' would not be necessary.
Mike
--
signature pending
More information about the samba-technical
mailing list