Re: Machine password encrypted by admin password in SP3?

Luke Kenneth Casson Leighton (lkcl@regent.push.net)
Wed, 22 Apr 1998 12:47:53 +0000 (GMT)

Date:	Wed, 22 Apr 1998 12:47:53 +0000 (GMT)
From:	Luke Kenneth Casson Leighton <lkcl@regent.push.net>
To:	Paul Ashton <paul@argo.demon.co.uk>
Subject: Re: Machine password encrypted by admin password in SP3? 
In-Reply-To: <199804212146.WAA21992@argo.demon.co.uk>

On Wed, 22 Apr 1998, Paul Ashton wrote:

>
> paulle@microsoft.com said:
>
> > You have to add the workstation to the DC _from the workstation_ by
> > specifying the name of an account with the right to create machine accounts
> > and its password.

what this does over-the-wire is to open a \PIPE\samr with NTLMSSP
encryption, and add an LSA_USER_INFO_21 structure with ACB_WKSTRUST, an
account of MACHINE$ and a random password.

> > Usually, that's an admin. If you add the account at the
> > PDC (or remotely to the PDC from a workstation already in the domain) it
> > will create a well known password (the machine name) for the new machine.