New approach to win2k joins...

[Luke Howard]

>4) running another program which issues an lsa 0x2f (which is what step 2
>does, too, so I think step 2 might not be necessary) which sets the domain
>name, the dns domain name, the forest name, the GUID, and the SID of the
>domain

This is LsarSetInformationPolicy2().

>6) modified nmbd to respond to mailslot opcode 0x12 with new opcodes 0x17
>and 0x19, which return more AD information (such as domain GUID) to the
>requester

Do these correspond to an RPC service?

>But when I try to logon, it tries to use the short version of the domain as
>the realm...which my MIT KDC doesn't like.  Any ideas here?

Why don't you patch the KDC to accept different name types and 
canonicalize them appropriately.

-- Luke

--
Luke Howard | lukehoward.com
PADL Software | www.padl.com