[python-win32] User transparent authentication with PDC

le dahut le.dahut at laposte.net
Wed Mar 11 10:47:42 CET 2009 

I come back with this subject because I still experience some difficulties.
I understand well now the principle of "sspi.py".

The problem is that the server is a Linux box, I can obviously not use 
pywin32 on it so how can I manage to do the same thing ?

I'm thinking about a ntlm compatible proxy which is able to do 
transparent win32 authentication.

Any ideas ?


Mark Hammond wrote :
> 
> On 21/01/2009 3:35 AM, le dahut wrote:
> 
>> I thought using some sort of NTLM like in squid. Your example deals with
>> NTLM but reading "Lib/site-packages/win32/lib/sspi.py" I don't
>> understand everything.
>  >
>  > Can you enlight me ?
>  >
> 
> In general, NTLM auth is tricky, but enlightenment can probably only 
> come from reading the MSDN articles on the various functions used.  But 
> in summary, the auth-process is multi-step - generate a request token, 
> get a response token, generate another request token from that response, 
> then get a final response with the final auth token.  At the end if 
> this, all you get is a token which identifies the user, and depending on 
> a number of things, the ability to impersonate that user.
> 
> Cheers,
> 
> Mark
> 
>>
>> Mark Hammond wrote :
>>>
>>> On 20/01/2009 1:35 AM, le dahut wrote:
>>>> Hello,
>>>> I've written a python network app in which the server runs on a
>>>> Samba-PDC (NT Domain controler) and the client on the windows NTdomain
>>>> clients.
>>>>
>>>> I want to authenticate the connexions to the python server using a
>>>> transparent method.
>>>>
>>>> Is there a way to get a user NTdomain authentication token and give it
>>>> back to the python-server so that it can validate it against the PDC ?
>>>
>>> Look for the 'sspi' functions and demos, particularly the
>>> win32\demos\security\sspi directory.
>>>
>>> Cheers,
>>>
>>> Mark
>>>
>>>
>> _______________________________________________
>> python-win32 mailing list
>> python-win32 at python.org
>> http://mail.python.org/mailman/listinfo/python-win32
> 
> 
>

More information about the python-win32 mailing list