What is PCNS?

[Christopher R. Hertel]

On Wed, Apr 06, 2005 at 05:37:29PM +1000, Luke Howard wrote:
> 
> I think PCNS is something else, appears that it uses RPC.

I would assume so.  I was told that it intercepted the password change 
process on the DC.

It's part of the MIIS product, and a subset of MIIS (supporting only
Microsoft products) can be downloaded for free.  MIIS supports a variety
of directory systems (NDS, etc.) but is priced and licensed on a per-cpu
model (that's cpu's for the MIIS server, not clients).

Interesting...

Thanks!

Chris -)-----


> >From: Volker Lendecke <Volker.Lendecke at SerNet.DE>
> >Subject: Re: What is PCNS?
> >To: "Christopher R. Hertel" <crh at ubiqx.mn.org>
> >Cc: samba-technical at samba.org
> >Date: Wed, 6 Apr 2005 09:19:40 +0200
> >Organization: Service Network GmbH, Goettingen, Germany
> >
> >On Tue, Apr 05, 2005 at 03:36:32PM -0500, Christopher R. Hertel wrote:
> >> Thing is, PCNS (according to the MS SE) runs on the domain controller, 
> >> and is accessed via secure RPC.  That'd mean that the client is actually 
> >> sending the (encrypted) plaintext password over the wire to the DC.
> >
> >In SFU there's a unix sync daemon that can send password changes to Unix. Unix
> >gets the new plain text password via some encrypted path. I looked at SFU2.0
> >once and tried to recompile the Unix part on SuSE. The details suck, but the
> >message here is that you can obviously hook into the AD password change
> >routines to grab the new plain text, very much like you can with our unix
> >password sync mechanism.
> >
> >Volker
> >
> >[Attachment: a2, application/pgp-signature]
> 
> --

-- 
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/     -)-----   Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/   -)-----   ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/     -)-----   crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/    -)-----   crh at ubiqx.org