svn commit: samba r11803 - in branches/SAMBA_4_0/source/torture/rpc: .

Andrew Bartlett abartlet at
Sun Nov 20 22:25:17 GMT 2005

On Sun, 2005-11-20 at 19:29 +0100, Stefan (metze) Metzmacher wrote:
> Hash: SHA1
> Volker Lendecke schrieb:
> > On Sun, Nov 20, 2005 at 02:22:39PM +1100, Andrew Bartlett wrote:
> > 
> >>This looks good.  It looks to me that the async schannel bind logic is
> >>generic, and I would love to see that moved into the librpc code, so
> >>that everything tests it, and we can use the composite functions
> >>elsewhere (like winbindd).
> > 
> > 
> > That's the idea.
> > 
> > Right now I'm looking at dcerpc_bind_auth to get async. The alter context call,
> > a "full" second or third leg in the auth, has this ever been seen in the wild?
> > What auth method uses that?
> auth type 16 raw krb5 and auth type 9 spnego uses alter context,
> as there're 4 auth packets like on a spengo/ntlmssp session setup

BTW, I've been meaning to suggest for a while that the default
authenticated RPC bind should be SPNEGO, not NTLMSSP.  This would match
behaviour on the other protocols.

(If we get back the bind NAC suggesting that SPNEGO isn't understood,
then we should try NTLMSSP, for Samba3 and NT4 compatibility).

Andrew Bartlett

Andrew Bartlett                      
Samba Developer, SuSE Labs, Novell Inc.
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list