samba 4 TP3 and Windows SSPI
Stefan (metze) Metzmacher
metze at samba.org
Sat Nov 11 10:00:33 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andrew Bartlett schrieb:
> On Fri, 2006-11-10 at 10:37 +1100, Andrew Bartlett wrote:
>> On Thu, 2006-11-09 at 17:33 +0300, Joshua Masiko wrote:
>>> DsWriteAccountSpn allows you to de-couple the way the client connects from
>>> the account the server is running under
>>>
>>> it basically maps a service principal name to the server account such that
>>> in InitializeSecurityContext the client can specify the SPN as the target
>>> without knowing the account under which the server is running. Details are
>>> on MSDN online.
>> Looks like a mere matter of implementation, we appear to have figured
>> out the IDL.
>
> Attached is a first implementation. I need get the client testsuite for
> this runnning as part of 'make test' before I add it to the tree.
Hi Andrew,
please note that a special bind_guid in the DsBind() call is needed,
when you try a DsWriteAccountSPN(), and we should match the error code
when not getting the correct bind_guid.
metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iD8DBQFFVZ9Bm70gjA5TCD8RAiZkAKCpDuCubKGko+3xxfogXWPIWON/KQCfVSgj
uyB+eVJ/CJwFAjpQhwarelU=
=0BTg
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list