RFC: Removing the --use-cached-creds parameter from ntlm_auth

Kai Blin kai.blin at gmail.com
Mon May 11 02:40:57 CDT 2009

Hi Rob,

I've done some digging about using cached credentials from winbindd, and this 
currently breaks with how we use this from Wine. Specifically, it's not 
possible to get the session key from winbindd. This breaks our later attempts 
to do signing/sealing. It might be possible to change winbindd to include 
this information, but in order to not leak user password information, 
winbindd can only do so for NTLMv2 and NTLM2.

In any case, --use-cached-creds will make things break in new and interesting 
ways for users who actually are running winbindd. I propose to stop setting 
that parameter until we figure out how to make this work.


Kai Blin
WorldForge developer  http://www.worldforge.org/
Wine developer        http://wiki.winehq.org/KaiBlin
Samba team member     http://www.samba.org/samba/team/
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20090511/f11aade1/attachment.pgp>

More information about the wine-devel mailing list