[Samba] NTLM authoriaztion & Samba (and other SMB-compatible) servers.

Andrew Bartlett abartlet at pcug.org.au
Mon Apr 8 05:23:02 GMT 2002

Lev Serebryakov wrote:
> Hello samba,
>   I'm writing NTLM module for SASL (to allow sendmail authorize
>   Outlook and Outlook Express). Module is ready and works great. But
>   it could now only check passwords by internal SASL database (I've
>   written Type{1,2,3} packets parsing by myself).
>   I want to add ability check passwords on any SMB server.
>   How could I redirect auth. requests to such server, if I know IP of
>   this server?

The best way (particuarly given the GPL nature of all open-source SMB
implementations on Unix) is to use winbindd.  Winbind has a command that
can allow you to specify both the challange and the response and to
forward these to a remote domain controller.

Unfortunetly the interface currently isn't very stable, but work is

BTW, what is your NTLM module implemeting?  NTLMSSP?  I know of 3
existing implementations of this - we need to get these togeather if at
all possible - the current situation is just silly.

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba mailing list