Authentication through Transitive Trusts
Andrew Bartlett
abartlet at samba.org
Thu Apr 10 09:43:11 GMT 2003
On Thu, 2003-04-10 at 12:45, Ken Cross wrote:
> > -----Original Message-----
> > From: Andrew Bartlett [mailto:abartlet at samba.org]
> > Sent: Wednesday, April 09, 2003 7:08 PM
> > To: Ken Cross
> > Cc: 'Rafal Szczesniak'; 'Multiple recipients of list SAMBA-TECHNICAL'
> > Subject: RE: Authentication through Transitive Trusts
> >
> >
> > On Thu, 2003-04-10 at 07:13, Ken Cross wrote:
> > > Part of this problem could be due to the fact that Samba uses NTLM
> > > instead of Kerberos for user authentication.
> > >
> > > If the transitive trusts work via Kerberos referrals, I
> > think we could
> > > be screwed.
> >
> > Well, technically it's possible to do NTLM referrals - but as
> > we just contact our PDC, it's really up to what an MS PDC will do.
> >
> > Andrew Bartlett
> >
>
> But that's all a Windows box does, too. Any idea how transitive trusts
> work for them? (And they do, very nicely.)
Well, you will have to sniff it then (but if it's inside schannel, that
might be hard ;-)
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030410/ecd7298a/attachment.bin
More information about the samba-technical
mailing list