Hmmm. Special XP weirdness/brokenness. Windows 2K working on 2.2.2
and 2.2.5 and Windows XP Not (not the usual problems)
Andrew Bartlett
abartlet at samba.org
Thu Oct 17 12:18:00 GMT 2002
Alan Jones wrote:
>
> Hi,
>
> We have some special weirdness happening with Samba and windows XP here.
>
> Background:
>
> We are wanting to install a third party product passlogix, V-GO single
> sign on product on windows
> (http://www.passlogix.com), which authenticates against a windows
> server. Basically it uses the windows
> Authentication to allow the decryption of a credential database, to
> allow automatic signing on to many
> Applications. It allows a user only to have to remember a single
> password, and then sign on to multiple
> Applications. Great appplication. Useful for medicos, who otherwise have
> to remember 10 passwords that roll each month
> Etc.
>
> Anyway. To cut a long story short. We have tried this on 2.2.5 and 2.2.2
> and the same thing happens. Anyway.
>
> We install the product on W2K and it works and on WINXP (against the
> same samba server and she broke).
>
> The product requires the user to re-authenticate prior to decrypting the
> credential database.
This is after the domain logon? And how does it do that?
> When we use *DISCONNECT* the WINXP box from the network (using winXP)
> cached credentials, ie no samba
> Authentication it works like a treat. ONLY when Samba is queried she
> broke.
Hmm - I'm assuming this is using a domain logon. It could be somthing
to do with session keys, or other such fun.
> We can provide a copy of the passlogix product if people are keen to
> help.
>
> Seems like the WinXP is doing things differently.
WinXP does a few things differently. :-(
> Now I should point out that WINXP, authenticates against the samba
> server as part of the windows login PERFECTLY.
> So as far as windows is concerned everything is nice with samba, only
> this third party product, which WE HAVE
> To RUN is broken. All help is gladly appreciated. I don't want to have
> to install active directory.!!!!
This looks very interesting - I'll need a lot more detail before I can
be much use unfortuntly. But given sufficnet traces, we should be able
to track this down...
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list