2024-12-23 17:34:34 +03:00 · 2006-01-31 22:58:50 +00:00 · 2006-01-31 22:58:50 +00:00 · 75489ac8bc
commit 75489ac8bc
parent 6e55241a84
1 changed files with 32 additions and 1 deletions
--- a/source/rpc_server/remote/README
+++ b/source/rpc_server/remote/README
@ -1,7 +1,38 @@
-This smb.conf example should get you started:
+This is an RPC backend that implements all operations in terms of
+remote RPC operations.  This may be useful in certain debugging
+situations, where the traffic is encrypted, or you wish to validate
+that IDL is correct before implementing full test clients, or with
+windows clients.

+There are two modes of operation: Password specified and delegated
+credentials.
+
+Password specified:
+-------------------
+
+This uses a static username/password in the config file, example:
+
+[global]
 	dcerpc endpoint servers = remote
 	dcerpc_remote:binding = ncacn_np:win2003
 	dcerpc_remote:username = administrator
 	dcerpc_remote:password = PASSWORD
 	dcerpc_remote:interfaces = samr, lsarpc, netlogon
+
+Delegated credentials:
+----------------------
+
+If your incoming user is authenticated with Kerberos, and the machine
+account for this Samba4 proxy server is 'trusted for delegation', then
+the Samba4 proxy can forward the client's credentials to the target.
+
+You must be joined to the domain (net join <domain> member).
+
+To set 'trusted for delegation' with MMC, see the checkbox in the
+Computer account property page under Users and Computers.
+
+[global]
+	dcerpc endpoint servers = remote
+	dcerpc_remote:binding = ncacn_np:win2003
+	dcerpc_remote:interfaces = samr, lsarpc, netlogon
+