RPC client on unix, server on NT

Luke Kenneth Casson Leighton lkcl at switchboard.net
Sat Nov 15 18:59:24 GMT 1997


On Sun, 16 Nov 1997, Marc Jalfon wrote:

> I'm writing a secure RPC Server for NT, and I'd like to write a
> UNIX client.  How can I have the UNIX client authenticate to
> the NT server (which uses LAN Manager/SMB)?  


ok, your best bet is to examine PAMs, available from:

	www.kernel.org/pub/linux/libs/pam/index.html.

PAMs (plug-in authentication modules) compile at present for Solaris-2.5;
Redhat Linux and slackware Linux.  they include kerberos 4 and 5; pam-smb;
AFS etc. 

so, if the unix o/s will take PAMs, then you can use pam-smb, currently at
version 0.6.  this version uses the Win95-style Domain Logons (ipc call with
WkstaUserLogon or NetUserGetInfo: can't remember which) which are not 
particularly secure...

alternatively, you could write up your own, using smblib (which is what
pam-smb does) and look at the clientgen.c and password.c files in the samba
cvs tree (see http://samba.anu.edu.au/cvs.html and
http://samba.anu.edu.au/cgi-bin/samba/cvs-web). 

alternatively, you could help with an effort to produce pam-ntdom or some
other login code, which is using NT-style DCE/RPC and implements NT
Domain-style logins.  there's a lot to do...

best regards,

luke


<a href="mailto:lkcl at switchboard.net"  > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba Consultancy and Support </a>



More information about the samba mailing list