libsmbclient: Browsing and a URI spec?
Simo Sorce
simo.sorce at polimi.it
Thu Jan 4 13:51:47 GMT 2001
On Thu, 4 Jan 2001, Michael B. Allen wrote:
> On Thu, Jan 04, 2001 at 09:12:15AM +0100, Simo Sorce wrote:
> > ahaaa....
> > I suspected a trust relationship!
> >
> <snip stuff by me>
> >
> > a piar should be set I think:
> > client auth domain =
> > client auth server =
> >
> > as with trust relationship who is actually authenticating you is your
> > right domain server, but it will use the "central" domain account by the
> > trust relationship.
>
> Actually that's not how I interpreted how authentication is working. I
> know from working on jcifs and *many* hours in front of Ethereal/Net
> Mon that authenticating a user accessing a share is simply to
> send the authenticating domain in the PrimaryDomain field of the
> SMB_COM_SESSION_SETUP_ANDX. I _ssume_ that the target server will then
> contact the authentication controller(domain controller?) on behalf of the
> client and accept or reject the session setup based on it's response. I
> do not believe an NT Work Station contacts a third party however I must
> admit I never tried an id that differed from the id currently logged
> into the target server. So I don't recall seeing the *server* contact
> a third party. Mmm, actually I think I have.
>
> At least I know authentication will work without the third party server
> information so 'client auth server =' would not be necessary.
>
> Mike
>
>
I explained badly probably.
For what I know authentication, in case of trust relationship, follow this
path:
clinet contact his domain controller (domain A)
and passess domain\username
if domain is another domain (B) and theres a trsat relationship beetween
between A and B then domain controller A will request domain controller B
to authenticate the user.
so what is needed as default is:
the default user domain (B) and the default authenticaticator
(A domain PDC/BDC.
--
Simo Sorce - Integrazione Sistemi Unix/Windows - Politecnico di Milano
E-mail: simo.sorce at polimi.it
Tel.int: 02 2399 2425 - Fax.int. 02 2399 2451
-----------------------------------------------------------------
Be happy, use Linux!
More information about the samba-technical
mailing list