Re: Machine password encrypted by admin password in SP3?

Luke Kenneth Casson Leighton (lkcl@regent.push.net)
Wed, 22 Apr 1998 14:04:57 +0000 (GMT)

To:	Paul Ashton <paul@argo.demon.co.uk>
Subject: Re: Machine password encrypted by admin password in SP3? 
In-Reply-To: <Pine.LNX.3.96.980422124420.24790E-100000@regent.push.net>

On Wed, 22 Apr 1998, Luke Kenneth Casson Leighton wrote:

> On Wed, 22 Apr 1998, Paul Ashton wrote:
>
> >
> > paulle@microsoft.com said:
> >
> > > You have to add the workstation to the DC _from the workstation_ by
> > > specifying the name of an account with the right to create machine accounts
> > > and its password.
>
> what this does over-the-wire is to open a \PIPE\samr with NTLMSSP
> encryption, and add an LSA_USER_INFO_21 structure with ACB_WKSTRUST, an
> account of MACHINE$ and a random password.

oops! sorry: because it's encrypted, we don't _know_ that it's a random
password. so, i should say, it sends account information such that, following
this (unknown) transaction, it can be demonstrated that a workstation is
considered to be a member of the DC's domain.

luke