> Chemolli Francesco (USI) wrote:
>
> > Yes, you are.
> > It first presents its workstation name and domain, and even
> > that not always.
> > Before you ask: yes, I have network traces showing such a behaviour.
>
> Are you sure the user is logged in to the domain when this happens?
Yes.
> > > which makes sense to me as I thought you need to know the
> > > user domain to
> > > be able to get the challenge from the correct domain controller...
> >
> > Correct. I am puzzled as to what happens when the client offers no
> > such information, maybe the proxy is supposed to ask a
> challenge to his
> > own DC, or his local authentication service.
>
> But.. his own DC or authentication service won't know the
> password hash,
> so how is the password validated then?
Trust relationships maybe.
I am still investigating the fact.
/kinkie
Received on Wed Aug 02 2000 - 00:33:41 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:33 MST