[PATCHES] smbd: support NTLM pass-through with \user at realm credentials

Jeremy Allison jra at samba.org
Tue Oct 25 15:51:41 UTC 2016


On Tue, Oct 25, 2016 at 11:20:41PM +1300, Andrew Bartlett wrote:
> 
> Indeed.  It is easy to do against LDAP (ask for the tokenGroups on
> rootDSE).  Does SMB have a good whoami yet?  Last time I recall us
> doing something for this it was a horrible hack via LSA lookups (there
> is some smbtorture code somewhere), or else the creation of a file. 

I finally implemented the smbclient UNIX extensions "whoami"
command, this will return you the unix token of the server
process. Might or might not be what you need here though
(no SIDs).



More information about the samba-technical mailing list