Implement windows authentication on Unix using Samba's winbindd

VERIFIED WONTFIX

Status

()

enhancement
VERIFIED WONTFIX
17 years ago
16 years ago

People

(Reporter: Martin.T.Kutschker, Unassigned)

Tracking

Trunk
Future
x86
Linux
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

This bug is about solving bug #23679 on Unix platforms. Unlike the solution
suggested in bug #159015 it makes use of Samba's winbindd. This daemon provides
NTLMSSP services for other (e.g. squid is using it). Since it is probably the
best unix implementation of ntlmssp I argue to use it rather than a poor attempt
at it (see Andrew Bartlett's comment 134 on bug #23679).

The glue code should ideally provide suppotr for multile protocols. Not just
http but also pop, imap, nntp, ...
Depends on: 23679
Well, to clear it up, it would not rely on winbindd, but on a 'samba-supplied
binary' (or C lib, but given the Samba team's record with library interfaces, we
would like to avoid it, also avoids need to relicence code).

Also, to clear up 'who is using it', squid is currently using their own NTLMSSP
code, but sends the details to Samba's winbindd for verification.  We (both the
Squid and Samba teams) intend to move it so that the same 'samba supplied
binary' handles the whole deal.

In any case, the point being made is correct, we need to do this in one place,
and one place only.  I argue that Samba should host such code, becouse we
probably have the best understanding of it.  Samba has a client and server that
talks NTLMSSP over CIFS/SMB as a core functional requirement.

Andrew Bartlett
Status: UNCONFIRMED → NEW
Ever confirmed: true
future.
Target Milestone: --- → Future
I understand that the "ntlm_auth" binary that will be included in Samba v3.0.1 
MAY have this raw NTLMSSP authentication functionality.  Can this be revisited?

Tim Lank
Shouldn't this bug be obsolete since bug 224653 is fixed?
Mozilla has now it's own xp NTLM implementation. No need for Samba any more.
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → WONTFIX
verified WONTFIX
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.