Libsmbclient: smbc_init
Andrew Bartlett
abartlet at samba.org
Fri Nov 7 10:42:19 GMT 2003
On Thu, 2003-11-06 at 22:47, Simo Sorce wrote:
> On Thu, 2003-11-06 at 11:16, Sevastian Foglia wrote:
>
> > I'm developing an application that uses libsmbclient and samba-vfs.
> > When a client connects to a share on my samba server, samba-vfs passes
> > the gathered information to a local daemon that uses smbclient to connect
> > to another samba server. I have both workgroup and username, but I don't
> > have his password. Is there a way to authenticate to the samba server on
> > the other side with the supplied username (notice that both servers have
> > the same user database) ?
> >
> > As written in documentation I found I must initialize the samba client
> > library with smbc_init.
> > I saw in testsmbc.c that first argument of smbc_init is a function which is
> > used to get workgroup and user informations from stdin.
> > Now, my application is a daemon and I want nothing is been printed to
> > stdout and read from stdin.
>
> Ok basically you are extending the concept of security = server to file
> operations.
> Look at the code in samba that implements security = server, you will
> have to modify the samba server code in order to keep the hashed
> password and not delete it.
> This method cannot work in a domain environemnt when you are a member
> server and not the PDC, in that case the member server will never see
> the hashed password.
The better option really is to do this with kerberos, and
proxied/impersonation tickets etc. But it is possible to implement a
module like auth_smbserver to handle this, passing back and forth the
challenge-response values. Note, this breaks as soon as somebody
enforces SMB signing etc.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20031107/517a44b8/attachment.bin
More information about the samba-technical
mailing list