>>>>> "Tomasz" == Tomasz Chmielewski <mangoo at wpkg.org> writes: Tomasz> Well, perhaps it suffices if WPKG service is started as a Tomasz> domain user, or WPKG path uses domain user credentials. Tomasz> Then, Windows should take care of all security issues for Tomasz> us - no need to reinvent anything here, if the operating Tomasz> system already does it? Tomasz> And Brian - what kind of tests did you really make? Unfortunately not. I setup a Samba server, not in a domain, and configured to map any bad password to the guest user, with the same name as a server that was in the domain. The client computer was a domain member and logged into the domain. I ensured that the genuine server was off-line, and from the client computer, I established a connection to the fraudulent server. Windows did not offer any errors or warnings that the computer I was connecting to was fraudulent or that it was connecting as a guest user instead of the (expected) authenticated user. -- Brian May <bam at snoopy.apana.org.au> |