RFC: Removing the --use-cached-creds parameter from ntlm_auth
Kai Blin
kai.blin at gmail.com
Mon May 11 02:40:57 CDT 2009
Hi Rob,
I've done some digging about using cached credentials from winbindd, and this
currently breaks with how we use this from Wine. Specifically, it's not
possible to get the session key from winbindd. This breaks our later attempts
to do signing/sealing. It might be possible to change winbindd to include
this information, but in order to not leak user password information,
winbindd can only do so for NTLMv2 and NTLM2.
In any case, --use-cached-creds will make things break in new and interesting
ways for users who actually are running winbindd. I propose to stop setting
that parameter until we figure out how to make this work.
Cheers,
Kai
--
Kai Blin
WorldForge developer http://www.worldforge.org/
Wine developer http://wiki.winehq.org/KaiBlin
Samba team member http://www.samba.org/samba/team/
--
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20090511/f11aade1/attachment.pgp>
More information about the wine-devel
mailing list