whoami on a CIFS session

Andrew Bartlett abartlet at samba.org
Tue Sep 13 10:48:39 GMT 2005

On Tue, 2005-09-13 at 13:10 +0300, Moshe Yosevshvili wrote:
> hi all, 
>  I'd like to get the username of the user that opened a CIFS session.
> in NTLM the username is in plain text and can be retrieved during session 
> setup.
> in Kerberos, on the other hand, it's encrypted in the ticket (assume i can't 
> read the ticket).
> is there an MS-RPC call that i can send to the file-server in the context of 
> this session that will
> return the username. 

Yes, there is an LSA call for exactly this.

> this is kind of a "whoami" utility for a CIFS session.

You would need to be part of the CIFS session to do this, so I'm a bit
lost as to how you would execute it, but here is the IDL (from our

        /* Function:     0x2d */
        typedef struct {
                lsa_String *string;
        } lsa_StringPointer;

        NTSTATUS lsa_GetUserName(
                [in] unistr *system_name,
                [in,out] lsa_String *account_name,
                [in,out] lsa_StringPointer *authority_name

Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050913/bf871154/attachment.bin

More information about the samba-technical mailing list