Re: [Evolution] Evolution and NTLM v2

From: David Woodhouse <dwmw2 infradead org>
To: Milan Juricek <mjuricek novell sk>
Cc: Evolution Mailinglist <evolution-list gnome org>
Subject: Re: [Evolution] Evolution and NTLM v2
Date: Wed, 23 Feb 2011 09:49:59 +0000

On Tue, 2011-02-22 at 07:31 +0000, Milan Juricek wrote:

i`d like to ask you... Does Evolution support NTLM v2? Or when will
this feature be implemented in the GAL authentication? 
Now we are using Evo + Exchange plug-in (Exchange 2k3) and only GAL+
NTLM v1 works. But this concept is not accepted by security
department.


You shouldn't have to ask this question. If your machine has joined the
domain using Samba/winbind then all client apps should just be
invoking /usr/bin/ntlm_auth to handle the NTLM challenge/response
process. Apps shouldn't be asking for the password for themselves.

We're going to make this work with a simpler dÃmon too, so you don't
have to use the full Samba/winbind setup and actually join the domain.

I envisage a simple tool that runs in the user's session, having
obtained the password from PAM like gnome-keyring does. And it'll do
nothing except continuously refresh your Kerberos tickets, and answer
queries via /usr/bin/ntlm_auth from apps like Evolution.

-- 
dwmw2

References:
- [Evolution] Evolution and NTLM v2
  - From: Milan Juricek

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]