Franky/Notes 20080508

Ports

  • 139/445: SMB (3)
  • 135: Epm (4)
  • 88: Kerberos (4)
  • 389/3268: LDAP / GC (4)
  • 399 UDP: CLDAP (4)
  • 137/42: WINS (4)

Pipes

  • samr (4)
  • lsa (4)
  • netlogon (4)
  • spoolss (3)
  • epm (4)
  • drsuapi (4)
  • winreg (3?)

Browsing: TCP138 mailslots, RAP SMB browsing (3?)

DNS TSIG server-side NTP authenticated

Todo

  • Authentication done by S4
    • NTLM by \\netlogon. S3 smbd talking to local S4
    • Kerberos: maybe s4 needs to fill s3's secrets.tdb
  • Named pipes over SMB
    • Forward 1p to unix domain socket
      • need to suplly auth_server_supplied_info before any client data
  • S4 netlogon needs to talk to S3 winbind
    • S3 Winbind needs to get the trust account pw from S4