mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
98d5872293
Even a connect to \\pipe\lsarpc should return a secondary_address of '\\pipe\\lsass'. But that will be implemented in a following commit. BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> |
||
---|---|---|
.. | ||
dcesrv_remote.c | ||
README |
This is an RPC backend that implements all operations in terms of remote RPC operations. This may be useful in certain debugging situations, where the traffic is encrypted, or you wish to validate that IDL is correct before implementing full test clients, or with windows clients. There are two modes of operation: Password specified and delegated credentials. Password specified: ------------------- This uses a static username/password in the config file, example: [global] dcerpc endpoint servers = remote dcerpc_remote:binding = ncacn_np:win2003 dcerpc_remote:username = administrator dcerpc_remote:password = PASSWORD dcerpc_remote:interfaces = samr, lsarpc, netlogon Delegated credentials: ---------------------- If your incoming user is authenticated with Kerberos, and the machine account for this Samba4 proxy server is 'trusted for delegation', then the Samba4 proxy can forward the client's credentials to the target. You must be joined to the domain (net join <domain> member). To set 'trusted for delegation' with MMC, see the checkbox in the Computer account property page under Users and Computers. [global] dcerpc endpoint servers = remote dcerpc_remote:binding = ncacn_np:win2003 dcerpc_remote:interfaces = samr, lsarpc, netlogon