[OT] Digest authentication session key with ADS

Luke Howard lukeh at PADL.COM
Tue Feb 24 12:52:09 GMT 2004

>What we need to do now is setup IIS (or IAS) to use this mechanism, and
>see what happens on the wire.  It will all be in schannel, so set a
>local and domain policy to ensure that 'secure channel' communications
>are signed, not sealed.  
>There may be a new RPC - this may just be a hack on the existing
>NETLOGON calls (very easy to implement).

As I recall, it is a generic (level 4) SAM logon, for the WDigest
security package. 

-- Luke

More information about the samba-technical mailing list