Problems with WinXP joining a Samba-head domain (and suggested solutions)

Luke Howard lukeh at PADL.COM
Wed Sep 11 20:41:00 GMT 2002

>OK, I can see them in the Auth Data. Ethereal does not break that out as 
>yet. It looks like two UINT32s and two ASCII strings. Not sure.
>What I see is 00 00 00 00 03 00 00 00 F O O 00 F O O - B D C 00

Hmm, I think we saw the same thing but 0x17 instead of 0x03. You would
think that Unicode names would be supported (unless this is UTF-8), I
wonder if 0x03 is some sort of capability flag...

What is returned in the bind response?

>> Unless you're saying that the secure channel is negotiated over SPNEGO?
>> I haven't seen that before, I'd like to know what OID they use.
>I don't know. The trace I have does not include the session setup, so I 
>can't see what was negotiated.

The auth data in the bind PDU is the session setup, at least for the purposes
of this discussion.

The verifier in subsequent PDUs, from what I've heard, is similar to the
rc4-hmac GSS_Wrap() except with a token header of 

0x77 0x00 0x7a 0x00 0xff 0xff 0x00 0x00

-- Luke

Luke Howard |
PADL Software |

More information about the samba-technical mailing list