passthrough authentication

Has anyone ever done a pass-through authentication service that authenticates users with a domain controller?

Here’s my situation. I provide services to windows clients and I want to verify that these clients are indeed who they say they are. A Windows domain controller will be available to me and I’d like to act as a middle man… forwarding the NT challenge from the server to the client, and forwarding the response from the client to the server. I don’t want to know the contents of either… I just want the domain controller to tell me that it knows who this user is, and that they’re ok by it.

Since my service won’t be running under NT, I need a little more than just the SSPI available under NT (I think).

Any helpful pointers are appreciated.

ERX

You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com

> Since my service won’t be running under NT, I need a little more than just
the SSPI available under NT (I think).

Consult the Samba source. They have all packet layouts to do the NT DC
authentication.

Max


You are currently subscribed to ntdev as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntdev-$subst(‘Recip.MemberIDChar’)@lists.osr.com