DSSync encryption notes
Stefan (metze) Metzmacher
metze at samba.org
Thu Dec 29 07:09:04 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andrew Bartlett schrieb:
> I just wanted to put some observations to the list about the encryptped
> blobs in the DRSUAPI replication.
>
> Firstly, this is the command I've been running:
>
> bin/smbtorture ncacn_ip_tcp:win2k3dc.win2k3.abartlet.net RPC-DSSYNC
> -Uadministrator%penguin --option=dssync:print_pwd_blobs=true
> --option=realm=win2k3.abartlet.net --option=workgroup=win2k3ab
> --option=ntlmssp_client:ntlm2=false
> --option=ntlmssp_client:keyexchange=false
maybe also try this:
bin/smbtorture ncacn_ip_tcp:win2k3dc.win2k3.abartlet.net[print] -d 10 RPC-DSSYNC
-Uadministrator%penguin
--option=realm=win2k3.abartlet.net --option=workgroup=win2k3ab
--option=ntlmssp_client:ntlm2=false
--option=ntlmssp_client:keyexchange=false >output-1.txt
bin/smbtorture ncacn_ip_tcp:win2k3dc.win2k3.abartlet.net[print] -d 10 RPC-DSSYNC
-Uadministrator%penguin
--option=realm=win2k3.abartlet.net --option=workgroup=win2k3ab
--option=ntlmssp_client:ntlm2=false
--option=ntlmssp_client:keyexchange=false >output-2.txt
and then diff -Npur output-1.txt output-2.txt|less
to make sure that the pwd data_blob's are the only changing elements...
- --
metze
Stefan Metzmacher <metze at samba.org> www.samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFDs4uIm70gjA5TCD8RAkkJAJ9DAAhZIsymRHeF+NbccgoLy29qoACguiO5
lKC8NLh4kF0JvSpWSDHJb90=
=FQuD
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list