[Samba] Passthrough Authentication, DC Authentication and Signing

Johnny Kimble johnnykimble at gmail.com
Thu Apr 1 09:54:54 MDT 2010

Hello all,

How does a CIFS server sign messages in a situation where the CIFS server does
 not know the password of the user? For example, in a situation where the CIFS 
server has to communicate with a domain controller.

I've looked into this and I've a feeling the answer might lie in the GSS API. 
But I'm not sure exactly how the CIFS server uses it to sign a message.

Can a CIFS server ask a domain controller for a Message Authentication Code (or 
ntlmv2 repsonse or whatever is required) for a particular client, and then use 
that sign all subsequent communication with that client?


More information about the samba mailing list