Obtaining MAC for Signing

J K johnnykimble at gmail.com
Thu Apr 8 08:51:56 MDT 2010

Hi all,

I've been struggling for a few days to work out how SMB signing
works in the case where the CIFS server doesn't have access to user
credentials. I've read a lot of bits and pieces of protocol docs but
found it difficult to pin down exactly what I'm after.

What I don't get is how a CIFS server can obtain the required
information (for example MIC/MAC/SessionKey/NTLM Hash) for
generating the signature for a message when they don't know the
user's password? What protocol is used to ask a Domain Controller
(presumably this is who supplies it?) for a user's SessionKey,
NTLM Hash or MIC?

Thanks for reading,

More information about the samba-technical mailing list