Samba4: SamLogonWithFlags on RPCNetlogon
Andrew Bartlett
abartlet at samba.org
Wed Jun 25 03:08:15 GMT 2008
On Wed, 2008-06-25 at 11:52 +0900, 西崎 隆志 wrote:
> Dear Andrew,
>
> > So, looking at the Microsoft WSPP docs, this looks quite sane to manage.
> > (The WSPP docs are at
> > http://msdn.microsoft.com/en-us/library/cc197979.aspx)
> >
> > Implementing the IDL is the easy part. See MS-NRPC section 2.2.1.4.2.
> >
> > However, this is just a wrapper (see MS-APDS), so you need to implement
> > MS-RCMP. None of these protocols look particularly difficult. Indeed
> > if this is the main task, then getting Samba4 to accept smart card login
> > may be quite simple.
> Thank you very much for your advice.
> I wanted to know this information.
>
> > I'm really keen to see this happen, so please let me know how you would
> > like to work on this - would you like to have a go, or does the above
> > look just a bit too complex?
> It looks a bit complex for me, but very interesting.
> So I have a go at this implementation.
> If I bump into a problem while at work or get a good result, I'll e-mail this list.
Please do. I am very willing to help - I don't mind doing all the work,
if that is what it takes to get this feature, but naturally this means I
can't get as many other things done. Without knowing you, it is hard to
know what your skills are.
> > Is there a file-based certificate system for windows, that I can use for
> > testing?
> I'm sorry but I have no public system because of my company's policy.
You miss-understand me, and I was unclear. I would love to set up
Samba4 in a similar way, and while I can use physical tokens and the
dogtag software from pki.fedoraproject.org, these might be painful to
use in a Virtual Machine. If you have any hints on how I might be able
to test without using hardware tokens, I would appreciate it.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080625/94d2d70c/attachment.bin
More information about the samba-technical
mailing list