What is PCNS?
Christopher R. Hertel
crh at ubiqx.mn.org
Wed Apr 6 19:48:54 GMT 2005
On Wed, Apr 06, 2005 at 05:37:29PM +1000, Luke Howard wrote:
> I think PCNS is something else, appears that it uses RPC.
I would assume so. I was told that it intercepted the password change
process on the DC.
It's part of the MIIS product, and a subset of MIIS (supporting only
Microsoft products) can be downloaded for free. MIIS supports a variety
of directory systems (NDS, etc.) but is priced and licensed on a per-cpu
model (that's cpu's for the MIIS server, not clients).
> >From: Volker Lendecke <Volker.Lendecke at SerNet.DE>
> >Subject: Re: What is PCNS?
> >To: "Christopher R. Hertel" <crh at ubiqx.mn.org>
> >Cc: samba-technical at samba.org
> >Date: Wed, 6 Apr 2005 09:19:40 +0200
> >Organization: Service Network GmbH, Goettingen, Germany
> >On Tue, Apr 05, 2005 at 03:36:32PM -0500, Christopher R. Hertel wrote:
> >> Thing is, PCNS (according to the MS SE) runs on the domain controller,
> >> and is accessed via secure RPC. That'd mean that the client is actually
> >> sending the (encrypted) plaintext password over the wire to the DC.
> >In SFU there's a unix sync daemon that can send password changes to Unix. Unix
> >gets the new plain text password via some encrypted path. I looked at SFU2.0
> >once and tried to recompile the Unix part on SuSE. The details suck, but the
> >message here is that you can obviously hook into the AD password change
> >routines to grab the new plain text, very much like you can with our unix
> >password sync mechanism.
> >[Attachment: a2, application/pgp-signature]
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the samba-technical