Advice on which routines to use

Andrew Bartlett abartlet at
Thu Aug 8 03:43:44 GMT 2002

"Michael St. Laurent" wrote:
> I may be involved in a project to create a plugin for pppd that will do chap
> authentication against an NT PDC and would like some advice on which
> routines I can call on in the samba libraries.  I'm thinking that
> libsmbclient should be able to do this for me.  I'll need to get the hash or
> hashhash value for the MPPE encryption as well.  Also, I plan to do an RPC
> queryusergroups check to see if the username is a member of a specified
> group to do the access control.
> Any advice would be most appreciated.

The tool to use is winbind, and Samba 3.0.  This will allow this to work
not only on the PDC, but on member servers of any NT-style domain.  Do
not even *consider* trying to use the RPC code directly - it really
isn't worth the pain :-).

It's been on my todo list for a while, and most of the groundwork is
already done.  The idea is that samba will have an 'ntlm_auth' program,
which will wrap winbind's pipe in a more stable manner (the winbind pipe
itself is an internal samba interface).  

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at

More information about the samba-technical mailing list