How to obtain Service_key in the course of kerberos authentication?
杨昌玉
ycy360 at 163.com
Mon Nov 18 06:11:09 MST 2013
Dear Everybody:
I sent a message "How to get Service_key and the corresponding function call interface from the Samba source TGS_REPpart"last week, this time, I continue to do a supplementary of background and problems, thank you for your answer, very grateful!
1, Built environment
1) Exchange server:
The operator system of Exchange server is Windows Server2008R2, We configured it as Active Directory (primary domain controller) used for client authentication (Kerberos);and configured it for Exchange mail server.
2) Exchange client:
The operator system of Exchange client is WindowsXP or Windows7, We configured it as Exchange client for sending and receiving messages.
2, The function I want to achieve
Now I want to use RedHat5.5 (installed with Samba4.0.0) to realize the proxy of Exchange(I called it Exchange Proxy below), That is, the Exchange Proxy need to have the functional of DC(domain controller) and KDC(Key Distribute Center).
Referances the information of https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO, I have configured the RedHat5.5 as AD DC.
A large number of the found data show that, in the course of kerberos authentication, if we get the Service_key, which produce in the TGS_REP messages during the stage of the Exchange Server reponse the message to the client, Our Exhange Proxy will be able to achieve authentication and communication between Client_side and Server-side.
We Already know that we have administrator privileges.
3, The ultimate goal
How to get Service_key through mentioned above through Samba source?
4, Urgent problem to be solved
In the process of realization the Exchange Proxy, I encounter the following very difficult problem.
1) In the Samba source code, is there any tool can get to the Service_key?
2) In the Samba source code, is there any relevant interface Synchronous the authentication key information between Windows2008R2 and Redhat5.5?
On the above description of the problems, I want to hear your ideas, opinions and suggestions.
Any help would be appreciated sincerely.
Best wishes.
Yours sincerely,
Changyu Yang
Dalian University Of China
More information about the samba-technical
mailing list