Re: How to Login to XP with an UNIX account??

From: Mike Brannigan [MSFT] (mikebran_at_online.microsoft.com)
Date: 02/02/05

• Next message: Mike Brannigan [MSFT]: "Re: xp home drive mapping to 2003 server"
• Previous message: Steve Riley [MSFT]: "Re: Firewall ON/OFF"
• In reply to: howard168: "How to Login to XP with an UNIX account??"
• Next in thread: howard168: "Re: How to Login to XP with an UNIX account??"
• Reply: howard168: "Re: How to Login to XP with an UNIX account??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 2 Feb 2005 07:39:34 -0000

"howard168" <howard168.1jt04u@no-mx.forums.iamnotageek.com> wrote in message
news:howard168.1jt04u@no-mx.forums.iamnotageek.com...
>
> Hi there, I wonder is there any way that an user can logon to a XP
> workstation with an account under unix server without the user's name
> existed in the workstation first. No domain available within the lan,
> just workgroup.
>
> I remember there is a feature in windows98 that user can require
> validation from network for windows access.

When a user logs onto a Windows XP machine an Access Token is built locally
that contains the Security Identifiers (SIDs) for the user and all the
groups they are a member of. When you do this against an Active Directory
Domain the SIDs are sent to your workstation in a data blob inside a
Kerberos ticket called the PAC. Since only the Microsoft implementation of
Kerberos uses the PAC to send the SIDs and without the SIDs you cannot build
an Access Token you cannot perform your initial logon to a Windows XP PC
using only a UNIX system with no local account information on the PC.

The security models within the operating systems of Windows 9x and Windows
XP are radically different so previous 9x features are irrelevant.

-- 
Regards,
Mike
--
Mike Brannigan [Microsoft]
This posting is provided "AS IS" with no warranties, and confers no
rights
Please note I cannot respond to e-mailed questions, please use these
newsgroups
"howard168" <howard168.1jt04u@no-mx.forums.iamnotageek.com> wrote in message 
news:howard168.1jt04u@no-mx.forums.iamnotageek.com...
>
> Hi there, I wonder is there any way that an user can logon to a XP
> workstation with an account under unix server without the user's name
> existed in the workstation first. No domain available within the lan,
> just workgroup.
>
> I remember there is a feature in windows98 that user can require
> validation from network for windows access.
>
> thanks.
>
>
> -- 
> howard168
> ------------------------------------------------------------------------
> howard168's Profile: http://www.iamnotageek.com/member.php?userid=9679
> View this thread: http://www.iamnotageek.com/showthread.php?t=810581
> 

---

• Next message: Mike Brannigan [MSFT]: "Re: xp home drive mapping to 2003 server"
• Previous message: Steve Riley [MSFT]: "Re: Firewall ON/OFF"
• In reply to: howard168: "How to Login to XP with an UNIX account??"
• Next in thread: howard168: "Re: How to Login to XP with an UNIX account??"
• Reply: howard168: "Re: How to Login to XP with an UNIX account??"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)