[PATCH] Updated Add detailed authentication logging for NTLM authentication.

Andrew Bartlett abartlet at samba.org
Thu Mar 2 03:57:14 UTC 2017


On Thu, 2017-03-02 at 16:48 +1300, Gary Lockyer wrote:
> Produce detailed authentication logs for NTLM authentication, of both
> successful and unsuccessful attempts.  Patch includes changes to
> ensure
> that all the required fields are passed through to the logging
> routines.
> 
> Updated to:
> 	log successful authorizations
> 	log password type for authentications
>         replace talloc_steal with talloc_move in
>             source4/smbd/service_named_pipe.c
> 	separate the auth logging into it's own file
> 
> 
> Subsequent patches will log kerberos authentication and
> produce machine parsable json log entries.

Thanks Gary.  We also need to remember password changes!  (The always
forgotten attack vector :-)

Thanks!
-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20170302/b9476a41/signature.sig>


More information about the samba-technical mailing list