Advice on which routines to use

Andrew Bartlett abartlet at samba.org
Thu Aug 8 03:43:44 GMT 2002


"Michael St. Laurent" wrote:
> 
> I may be involved in a project to create a plugin for pppd that will do chap
> authentication against an NT PDC and would like some advice on which
> routines I can call on in the samba libraries.  I'm thinking that
> libsmbclient should be able to do this for me.  I'll need to get the hash or
> hashhash value for the MPPE encryption as well.  Also, I plan to do an RPC
> queryusergroups check to see if the username is a member of a specified
> group to do the access control.
> 
> Any advice would be most appreciated.

The tool to use is winbind, and Samba 3.0.  This will allow this to work
not only on the PDC, but on member servers of any NT-style domain.  Do
not even *consider* trying to use the RPC code directly - it really
isn't worth the pain :-).

It's been on my todo list for a while, and most of the groundwork is
already done.  The idea is that samba will have an 'ntlm_auth' program,
which will wrap winbind's pipe in a more stable manner (the winbind pipe
itself is an internal samba interface).  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net



More information about the samba-technical mailing list