D'oh! Backup issue solved

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Eric Smith <eric_at_brouhaha.com>
Date: Sun Sep 3 22:52:05 2000

Cameron Kaiser <spectre_at_stockholm.ptloma.edu> wrote:
> No, the SID (as I recall from my guilty little store of NT data) is
> generated off hardware to prevent someone from simply putting the name of a
> trusted host on an NT machine and entering it into the NT domain. If the
> SID doesn't match, the machine isn't granted entrance. Therefore, it would
> have to be have been assigned *before* it is connected to the network, and
> according to our local MCSE, it's totally intrinsic to the machine's
> hardware.

The SID may be seeded from the Ethernet MAC address or something, but it
isn't really tied to the machine. I've replaced Ethernet cards on NT
boxes with no problems.

But the SID is supposed to be a "secret" shared between the client and
the server. If someone else gets hold of the SID, they can masquerade
as the client and have whatever security privs that client had.
Received on Sun Sep 03 2000 - 22:52:05 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:33:19 BST