expert advice needed

Big Woz angrybob at havoc.gtf.org
Fri Jun 22 19:24:56 GMT 2001 

I'm in need of some expert advice on windows password stuff, and it is
my opinion and the opinion of my co-workers that by far the most
intellignet and knowlegable people on this subject are the samba people.

I've browsed through the archives, but haven't been able to find
anything that would help (I may easily have missed it, if so just point
me in the right direction and I will go RTFM).

what I'm trying to do:

	We have a NIDS that does user validation.... At the moment
	everything works fine under normal use, but when a user decides
	to change their password it needs to be updated with the machine
	running the NIDS.  Under windows NT and 2000, I can sense when
	the password has been changed, but only under 2000 have I found
	a function that will request that password so that I can send
	the new one over to the NIDS.

	So, what I am most hoping to find is a way to get the password
	on the host machine itself, and update from there.  The solution
	has to work under windowsNT 4.0.

What I may be trying to do if I can't figure out how to do it above:

	If I have to fall back to another solution, it will be to try
	and rip samba apart and try to extract enough to create a domain
	controller that will sync with our NIDS.  Though this is
	probably a more elegant solution, it has more points of failure
	and involves some code that we aren't totally intimate with (no
	offense to the samba coders, but I can't guarentee code that I
	don't know really well).  It also may open us up to attacks
	against the windows domain.

	I'm pretty sure that I can accomplish this with winbind, though
	I've only read samba-2.2.0/examples/appliance/README, and
	haven't tried yet.


Apologies to the group:

	I realise that some of this is pretty off-topic for this mailing
	list, and I apologise for that, but I don't see where else I can
	go to query the same level of intelligence and experience.
	<smile>
	
	I am more than willing to take this discussion off the list if
	it is of no interest to the bulk of the subscribers.

--adam

More information about the samba-technical mailing list