From: Michael B. Allen (mballenEROLS.COM)
Date: Mon Apr 15 2002 - 15:31:08 CDT


    On Mon, 15 Apr 2002 19:57:14 +0000
    Luke Kenneth Casson Leighton <lkclSAMBA-TNG.ORG> wrote:

    > > lsarpc - Local Security Authority
    > > Provides clients with a way to query the Windows NT Local Security Authority. This set of services allows a client to find out
    > > information about User and Workstation Accounts, read and write domain security policy, and similar services.
    >
    > also allows management of secrets (LsaQuerySecret, LsaSetSecret etc.)
    > which used to be a security risk up until NT 4 sp3 or so.
    >
    > lsa is a redirector, so although you can enumerate account information
    > via SAM functions _and_ the lsa, you cannot enumerate LDAP/AD or
    > Novell Netware account information via SAM but only via lsa.

    What functionality surrounding MS "middleware" protocols has not been
    deciphered in the open yet? Your book mentions an issue with NTLMv2. I
    know MS recently released info about their Kerberos work which *sounded*
    like a green light to release a free interoperable implementation. What
    is of interest to the CIFS community as far as AD is concerned? Is the
    OpenLDAP client all that is necessary to manipulate user accounts and
    "browse" lists or must the AD server run in a special compatibility mode?

    Mike

    --
    May The Source be with you.
    
