>4) running another program which issues an lsa 0x2f (which is what step 2 >does, too, so I think step 2 might not be necessary) which sets the domain >name, the dns domain name, the forest name, the GUID, and the SID of the >domain
This is LsarSetInformationPolicy2(). >6) modified nmbd to respond to mailslot opcode 0x12 with new opcodes 0x17 >and 0x19, which return more AD information (such as domain GUID) to the >requester Do these correspond to an RPC service? >But when I try to logon, it tries to use the short version of the domain as >the realm...which my MIT KDC doesn't like. Any ideas here? Why don't you patch the KDC to accept different name types and canonicalize them appropriately. -- Luke -- Luke Howard | lukehoward.com PADL Software | www.padl.com
