Windows 2003 Active Directory Compatibility issue in
libads/sasl.c
Andrew Bartlett
abartlet at samba.org
Wed Aug 18 22:23:09 GMT 2004
On Thu, 2004-08-19 at 08:13, peter_yen at trendmicro.com wrote:
> Hi All,
>
> I am new to the samba-technical list. I am currently adopting the way
> Samba does for mutual authentication using Kerberos to MS Active
> Directory 2003.
Are you modifying the code? What is your aim?
> Basically, I am using this
> "static ADS_STATUS ads_sasl_gssapi_bind (ADS_STRUCT *ads) "
> in my LDAP client implemented by Netscape Directory SDK.
Given the comment 'it doesn't work with .NET RC2', why are you even
trying to use this, rather than the SPNEGO wrapped version?
You should be able to request mutual authentication in the SPENGO code,
but in Samba3 it's all rather crufty. In Samba4, GENSEC (my generic
security layer) already handles this, so if you can clarify what you are
trying to do, I might be able to help you in that context. (We could
work on hooking libads up to GENSEC, replacing that whole sasl.c file).
Andrew Bartlett
--
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20040819/8e30fc39/attachment.bin
More information about the samba-technical
mailing list