and is it possible to use ldap over ssl in the GAL? If yes, how?
mjuricek novell com
+421 917 498 084
Making IT Work As One
>>> David Woodhouse <dwmw2 infradead org> 3/1/2011 11:59 AM >>>
On Tue, 2011-03-01 at 10:15 +0000, Milan Juricek wrote:
> we have workstations joined to the M$ domain... (SLED 11 SP1 desktops)
> but Evo requires password :( I mean that Evo does not use
> (support) /usr/bin/ntlm_auth...
Right. Instead of just fixing Evo to do NTLM v2 for itself, we should
fix it to delegate to ntlm_auth which fixes the problem *properly*.
There ought to be a library which handles it all for you automatically —
trying /usr/bin/ntlm_auth if it's available, or falling back to doing
NTLM (including v2) for itself.
I'd previously thought that doing such a library wouldn't be sensible,
since for communicating with ntlm_auth and polling on its sockets it
would need to integrate with the application's main loop, which is
non-trivial. Such a library wouldn't be usable in Chrome, Firefox, and
other arbitrary apps with their own main loop structure.
But maybe it makes sense to do one which works with a glib main loop,
which would be used in all glib-based code.