[Samba] SASL DIGEST-MD5 NT_STATUS_INVALID_PARAMETER
abartlet at samba.org
Fri Jul 10 20:29:52 UTC 2015
On Fri, 2015-07-10 at 11:45 -0500, Arthur Ramsey wrote:
> That's too bad, I was trying to get the Vasco Identikey server working
> with samba4 as a backend for FIPS 140-2 compliant OTP, which will only
> bind with DIGEST-MD5. I guess I will have to join a Windows 2008 R2 to
> the domain as a domain controller.
Very interesting. This is the first use of DIGEST-MD5 that I've come
across for AD.
It would be great if it could be patched back in, but it would need
tests this time, and to actually work. We may have to implement the
server-side in Samba, if we can't push the pre-digested hash values into
Cyrus SASL (or don't want to use it).
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba