ps2homebrew / Open-PS2-Loader

Game and app loader for Sony PlayStation 2
https://ps2homebrew.github.io/Open-PS2-Loader/
Academic Free License v3.0

[FR] SMB Authentication for Domain-Joined Computer #848

Open HorseOfTheSea opened 1 year ago

HorseOfTheSea commented 1 year ago

Describe the FR

The "PS2SMB" share can only be accessed when hosted by a non-domain computer or a domain controller.

If the share is hosted by a domain computer (without the ability to perform authentication on behalf of the domain), the PS2 is only able to provide credentials that are either for a) an active local account, but still considered invalid since the share's host is assuming creds are for a domain account, or b) an active domain account, but the share's host cannot authenticate on behalf of the domain.

Describe the solution you'd like

Include "smb_domain=DOMAIN" or similar to conf_network.cfg

Describe alternatives you've considered

Don't worry about it. Anyone running a domain can figure out their own workaround lol :)

Additional context

With COMPUTER a member of DOMAIN. USER has matching logon credentials on both the local computer and the domain controller. Security logs from the Win10 computer hosting the share show as below when attempting to authenticate:

smb_user=USER Account Name: USER Account Domain: DOMAIN (expected, but cannot authenticate on behalf of domain)

smb_user=COMPUTER\USER Account Name: COMPUTER\USER Account Domain: DOMAIN (unexpected)

Should be smb_user=COMPUTER\USER Account Name: USER Account Domain: COMPUTER

AKuHAK commented 1 year ago

As far as I know, using the @ symbol will allow the domain username to be exposed even in the 3rd case, like user@domain.
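The event log lines in the original post, together with the `smb_domain=` key proposed there and the `user@domain` form mentioned in the reply above, all come down to one question: which name the client places in the NTLM domain field. The following is an added illustration, not OPL code and not part of this issue; the function name, the `smb_identity_t` type, the buffer size and the fallback order (explicit `DOMAIN\user` or `user@domain` in `smb_user`, then `smb_domain=`, then the server's host name) are assumptions made for the example. Defaulting to the host name when nothing else is given is what produces the "Account Name: USER, Account Domain: COMPUTER" logon the reporter says a domain-joined host needs for a local account.

```c
#include <stdio.h>
#include <string.h>

/* Added example; not OPL's code. SMB_NAME_MAX is an assumed buffer size. */
#define SMB_NAME_MAX 64

typedef struct {
    char domain[SMB_NAME_MAX]; /* value sent in the NTLM domain field */
    char user[SMB_NAME_MAX];   /* value sent in the NTLM user field */
} smb_identity_t;

/* Bounded copy of n bytes into a fixed buffer, always NUL-terminated. */
static void copy_field(char *dst, const char *src, size_t n)
{
    if (n >= SMB_NAME_MAX)
        n = SMB_NAME_MAX - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/*
 * Resolve the domain/user pair for NTLM authentication from config values.
 *   smb_user   - value of smb_user= from conf_network.cfg (required)
 *   smb_domain - value of the proposed smb_domain= key, or NULL if absent
 *   host_name  - NetBIOS name of the SMB server; used as the domain for a
 *                local account when nothing more specific is configured
 * Precedence: DOMAIN\user or user@domain embedded in smb_user, then
 * smb_domain=, then host_name. Returns 0 on success, -1 if no user name.
 */
int smb_resolve_identity(const char *smb_user, const char *smb_domain,
                         const char *host_name, smb_identity_t *out)
{
    const char *sep;

    memset(out, 0, sizeof(*out));
    if (!smb_user || !*smb_user)
        return -1;

    if ((sep = strchr(smb_user, '\\')) != NULL) {
        /* Down-level form: DOMAIN\user or COMPUTER\user */
        copy_field(out->domain, smb_user, (size_t)(sep - smb_user));
        copy_field(out->user, sep + 1, strlen(sep + 1));
    } else if ((sep = strchr(smb_user, '@')) != NULL) {
        /* UPN form: user@domain, split into user and domain fields */
        copy_field(out->user, smb_user, (size_t)(sep - smb_user));
        copy_field(out->domain, sep + 1, strlen(sep + 1));
    } else {
        copy_field(out->user, smb_user, strlen(smb_user));
    }

    /* Fallback for a bare user name (or an empty explicit domain). */
    if (!out->domain[0]) {
        if (smb_domain && *smb_domain)
            copy_field(out->domain, smb_domain, strlen(smb_domain));
        else if (host_name && *host_name)
            copy_field(out->domain, host_name, strlen(host_name));
    }

    return out->user[0] ? 0 : -1;
}

/* Stand-alone demo using the placeholder names from the issue. */
int main(void)
{
    static const char *cases[][2] = {
        {"USER", NULL},            /* bare name: falls back to host name */
        {"USER", "DOMAIN"},        /* bare name + smb_domain= */
        {"COMPUTER\\USER", "DOMAIN"}, /* explicit local account wins */
        {"user@domain.local", NULL},  /* UPN form */
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        smb_identity_t id;
        if (smb_resolve_identity(cases[i][0], cases[i][1], "COMPUTER", &id) == 0)
            printf("smb_user=%-18s smb_domain=%-8s -> Account Name: %s  Account Domain: %s\n",
                   cases[i][0], cases[i][1] ? cases[i][1] : "(none)", id.user, id.domain);
    }
    return 0;
}
```

Host name, domain and user values here are the placeholders from the issue (COMPUTER, DOMAIN, USER), not real identifiers. The point of the fallback order is that a plain `smb_user=USER` on a domain-joined host resolves to the computer name as the domain, so the host treats it as a local-account logon rather than forwarding it to a domain it cannot contact.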

s12321 commented 1 year ago

Azure or local DC?

grester commented 1 year ago

Slightly off topic but leaving my 2 cents here for future visitors. I set up a Win2019 server but had problems being able to successfully SMB to it. All audits and logs recognized the PS2 connecting and the user logging in successfully (in this case it is a DC), however, it would fail with the typical error 304 (if I recall the number correctly). My workaround was to use OPLServer. I don't know why but it works this way. I believe Windows nowadays secures SMB too well and it is not easy to open it. OPLServer runs its own independent SMB server and you can set it to a non-traditional port and it works perfectly. No need to install SMB features on Windows and open vulnerabilities.