[Samba] ntlm_auth and PEAP machine authentication
Andrew Bartlett
abartlet at samba.org
Thu Oct 6 09:09:15 GMT 2005
On Wed, 2005-10-05 at 22:12 -0400, Matthew Alexander wrote:
> Mike McCauley of OSC/Radiator provided me with this "quick and dirty fix":
>
> in samba/source/rpc_client/cli_netlogon.c,
> cli_netlogon_sam_network_logon() function
> the param_ctrl flags passed to init_id_info2() are always set to 0 but
> should be set to 0x800 (MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT)
> to enable machine authentication.
>
> Although kind of a shortcut, it works great if you need machine auth. Maybe
> it can help someone else?
Ooh, that's a gem! Now I have a dozen more flags to add to my SAMLOGON
torture test :-)
This also looks like it might assist in implementing other behaviours.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051006/0d521d11/attachment.bin
More information about the samba-technical
mailing list