Obtaining MAC for Signing
Volker.Lendecke at SerNet.DE
Thu Apr 8 09:19:13 MDT 2010
On Thu, Apr 08, 2010 at 03:51:56PM +0100, J K wrote:
> I've been struggling for a few days to work out how SMB signing
> works in the case where the CIFS server doesn't have access to user
> credentials. I've read a lot of bits and pieces of protocol docs but
> found it difficult to pin down exactly what I'm after.
> What I don't get is how a CIFS server can obtain the required
> information (for example MIC/MAC/SessionKey/NTLM Hash) for
> generating the signature for a message when they don't know the
> user's password? What protocol is used to ask a Domain Controller
> (presumably this is who supplies it?) for a user's SessionKey,
> NTLM Hash or MIC?
It is obtained via the SamLogonEx call on the NETLOGON RPC
interface, which works when you are a member of the domain
and when you have established an encrypted rpc connection.
describes the NETLOGON RPC interface,
has information on the SamLogonEx call.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: Digital signature
More information about the samba-technical