NT Domain authorization
Quentin Stafford-Fraser
quentin "at" orl.co.uk
Tue, 29 Sep 1998 12:04:57 +0000
Christian, Chris wrote:
>
> but we would like to be able to
> authenticate connections via the NT Domain User Database.
...
Christian,
This *has* been asked, but it was some time ago. For many people this
would be convenient but it has some difficulties:
1. there are some serious security problems with NT authentication. If
we wanted to improve VNC security (and we'll get round to it one day!)
we wouldn't do it this way.
2. it's a rather platform-specific approach, and VNC has always tried to
be completely cross-platform.
3. there are several other possible password mechanisms that people
might like to use, and incorporating them all would probably lead to
bloated software
In other words, we're unlikely to do it in the near future. However, as
always, we would encourage anyone else to try it and will happily
distribute patches. My guess is that it would be pretty straightforward
if you had a look at the Samba source code which does the same thing.
Of course, the ideal would be some kind of pluggable authentication
modules, so you could choose your scheme...
Regards,
Quentin Stafford-Fraser
--
----------------------------------------------------------------------
Dr Quentin Stafford-Fraser http://www.orl.co.uk/~qsf
ORL - The joint research lab of Olivetti & Oracle
---------------------------------------------------------------------
The VNC mailing list - see http://www.orl.co.uk/vnc/intouch.html
---------------------------------------------------------------------