Closed Bug 171500 Opened 22 years ago Closed 21 years ago

Implement windows authentication on Unix using Samba's winbindd

Categories

(Core :: Networking, enhancement)

x86
Linux
enhancement
Not set
normal

Tracking

()

VERIFIED WONTFIX
Future

People

(Reporter: Martin.T.Kutschker, Unassigned)

References

Details

This bug is about solving bug #23679 on Unix platforms. Unlike the solution
suggested in bug #159015 it makes use of Samba's winbindd. This daemon provides
NTLMSSP services for other (e.g. squid is using it). Since it is probably the
best unix implementation of ntlmssp I argue to use it rather than a poor attempt
at it (see Andrew Bartlett's comment 134 on bug #23679).

The glue code should ideally provide suppotr for multile protocols. Not just
http but also pop, imap, nntp, ...
Depends on: 23679
Well, to clear it up, it would not rely on winbindd, but on a 'samba-supplied
binary' (or C lib, but given the Samba team's record with library interfaces, we
would like to avoid it, also avoids need to relicence code).

Also, to clear up 'who is using it', squid is currently using their own NTLMSSP
code, but sends the details to Samba's winbindd for verification.  We (both the
Squid and Samba teams) intend to move it so that the same 'samba supplied
binary' handles the whole deal.

In any case, the point being made is correct, we need to do this in one place,
and one place only.  I argue that Samba should host such code, becouse we
probably have the best understanding of it.  Samba has a client and server that
talks NTLMSSP over CIFS/SMB as a core functional requirement.

Andrew Bartlett
Status: UNCONFIRMED → NEW
Ever confirmed: true
future.
Target Milestone: --- → Future
I understand that the "ntlm_auth" binary that will be included in Samba v3.0.1 
MAY have this raw NTLMSSP authentication functionality.  Can this be revisited?

Tim Lank
Shouldn't this bug be obsolete since bug 224653 is fixed?
Mozilla has now it's own xp NTLM implementation. No need for Samba any more.
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → WONTFIX
verified WONTFIX
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.