Authentication through transitive trusts
Richard Sharpe
rsharpe at richardsharpe.com
Thu Jul 17 22:13:57 GMT 2003
On Thu, 17 Jul 2003, Ken Cross wrote:
> Here you go. Similar setup:
>
> 10.0.0.204 - "WIN1" - Windows 2000 (SP4) AD Server, domain WIN1DOM
>
> 10.0.0.189 - "KJCWINXP" - Windows XP Pro Client, a member of WIN1DOM
>
> It shows KJCWINXP connecting to the "Program Files" share on WIN1. It looks
> like it negotiated "MS KRB5" protocol.
OK, apart from the long-file name bit that I mentioned before, here is/are
some further difference(s) between Samba and Win2K ...
1. Win2K offers an additional OID in the NegProt Response:
1.2.840.113554.2.2.3, which looks strange as it is a
sub-oid of KRB5. Ethereal does not know of it ATM.
2. In the session setup&X, the MechType offers MS KRB5, KRB5, and
NTLMSSP, in that order.
Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kjc1.cap
Type: application/octet-stream
Size: 59787 bytes
Desc:
Url : http://lists.samba.org/archive/samba-technical/attachments/20030717/00da7bf3/kjc1.obj
More information about the samba-technical
mailing list