Samba4: SamLogonWithFlags on RPCNetlogon

Andrew Bartlett abartlet at
Wed Jun 25 03:08:15 GMT 2008

On Wed, 2008-06-25 at 11:52 +0900, 西崎 隆志 wrote:
> Dear Andrew,
> > So, looking at the Microsoft WSPP docs, this looks quite sane to manage.
> > (The WSPP docs are at
> >
> > 
> > Implementing the IDL is the easy part. See MS-NRPC section
> > 
> > However, this is just a wrapper (see MS-APDS), so you need to implement
> > MS-RCMP.  None of these protocols look particularly difficult.  Indeed
> > if this is the main task, then getting Samba4 to accept smart card login
> > may be quite simple.
> Thank you very much for your advice.
> I wanted to know this information.
> > I'm really keen to see this happen, so please let me know how you would
> > like to work on this - would you like to have a go, or does the above
> > look just a bit too complex?
> It looks a bit complex for me, but very interesting.
> So I have a go at this implementation.
> If I bump into a problem while at work or get a good result, I'll e-mail this list.

Please do.  I am very willing to help - I don't mind doing all the work,
if that is what it takes to get this feature, but naturally this means I
can't get as many other things done.  Without knowing you, it is hard to
know what your skills are.  

> > Is there a file-based certificate system for windows, that I can use for
> > testing?
> I'm sorry but I have no public system because of my company's policy.

You miss-understand me, and I was unclear.  I would love to set up
Samba4 in a similar way, and while I can use physical tokens and the
dogtag software from, these might be painful to
use in a Virtual Machine.  If you have any hints on how I might be able
to test without using hardware tokens, I would appreciate it. 

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list