extended security & Negprot response
Andrew Bartlett
abartlet at samba.org
Thu Aug 8 04:21:03 GMT 2002
Steven French wrote:
>
> There had been some discussion about the first 16 byte field in the data
> area of the negprot response (before the security blob) when extended
> security is enabled. Ethereal and the SNIA CIFS spec correctly indicate
> that it is the Server's GUID but head's negprot_spnego (in smbd/negprot.c)
> puts an ascii name in there. Maybe its harmless but I was intrigued that
> the GUID in the field is stored in the registry - it matches exactly with
> the value of services\lanmanserver\parameters\GUID in its local registry -
> which makes sense since it has to be available for non-AD connected
> machines including standalone workstations.
Yes - its just a quick hack. Now that we have support for GUIDs we
could well send them. As far as the clients are concerned, we just need
to send *somthing* - they don't seem to care what it actually is.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list