Chemolli Francesco (USI) wrote:
> Yes, you are.
> It first presents its workstation name and domain, and even
> that not always.
> Before you ask: yes, I have network traces showing such a behaviour.
Are you sure the user is logged in to the domain when this happens?
> > which makes sense to me as I thought you need to know the
> > user domain to
> > be able to get the challenge from the correct domain controller...
>
> Correct. I am puzzled as to what happens when the client offers no
> such information, maybe the proxy is supposed to ask a challenge to his
> own DC, or his local authentication service.
But.. his own DC or authentication service won't know the password hash,
so how is the password validated then?
/Henrik
Received on Tue Aug 01 2000 - 11:06:54 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:33 MST