nt domain support

Luke Kenneth Casson Leighton lkcl at switchboard.net
Sun Jan 25 16:35:54 GMT 1998

On 14 Jan 1998, Tom Ryan wrote:

> first off, i would like to say thanks to luke for working hard on the
> NTDOM stuff.. its come a long way, in a short time..

the initial implementation was by paul ashton.  and the second, and the
third :-)  then i reimplemented it again (to understand it), and expanded
its scope, to learn about NT workstation / Domain interaction, and to tie
it into what i know or can infer about the NT kernel and the
undocumented parts of the NT system itself.

however, i've been talking to people about CIFS and Domains, and sorting
out the house.  for me, development work stops now until i get a full time
job, as i have no money left.  that doesn't stop the plans going round and
round my head, though :-) 

> i'd also like to follow up with regards to what he said in his "state of
> the union" text.. it seems that a lot of people are interested in NTDOM
> code.. but not that many seem to be helping out on that..

anders blomdell, eloy paris, edan idzerda and more have all been helping
out.  anders has been particularly helpful, with a constant stream of
valuable comments and short patches.

> we have to change that..
> anyone have any idea what's going to happen with nt 5?

don't talk to me about nt 5.  not until microsoft stop their attitude of
"oh, it's ok for us to code it up, then release the first beta and draft
CIFS documentation, and ignore the barrage of comments because there's not
enough time to address the issues before the beta programme is

> regardless... i'm a 3.51 shop and i'm sure others are as well as 4.x users
> and have no plans to upgrade..

i am *counting* on this :-) :-)
> is any work being done on trust relationships?

as yet, the only trust relationships we have are workstation ones.

the first issue to deal with is PDC and Domain Logon support, and
everything that goes with this.

> if not, i'll start
> attacking this sometime in the next couple of weeks.. if work is being
> done, is that code in the cvs distrib??

tom, it's a big issue.  the first one to solve is to be able to have two
NT workstations logged in to the same NT Server PDC.  run NetMon (SMS
version not the stand-alone version that comes with the NT server
distribution) or tcpdump.  access the _second_ workstation's shares/files
from the _first_ workstation, making sure that you use different, newly
created usernames that have _not_ logged on to the other workstations [NT
workstation has the capability to cache the last 10 users that logged on
to a PDC, should the PDC become temporarily unavailable].  send the .CAP
file (for preference) or tcpdump file to samba-bugs.

this is step one that needs to be done.  step two is to make one of those
machines a Win95 machine, accessing the NT workstation, and see what
happens over-the-wire, and code that.

*then* we're in a position to do a first release.  *then* we're in a
position to move on to BDC and inter-domain trust relationships. somewhere
in between (and in parallel) a hell of a lot of coding of a redesign needs
to happen. i know exactly what needs to happen, which is on a low priority
at the moment, but it will mean that samba will turn UNIX into a fully
administerable Primary Domain Controller.  but i've described that all in
the "state of the union... what the heck on earth possessed you to call it
that, tom??? :-)"  couldn't you have called it "the state of the art"?

> if not, and its available, let me know so i can work off of that...

it's the BRANCH_NTDOM version, as you're probably aware.  that's the
current state of play.

i would advise for the time being to discuss development on
samba at samba.anu.edu.au with a subject starting with NTDOM: or Re: NTDOM:

luke (samba team)

<a href="mailto:lkcl at samba.anu.edu.au" > Luke Kenneth Casson Leighton  </a>
<a href="http://mailhost.cb1.com/~lkcl"> Samba and Network Consultancy </a>

More information about the samba mailing list