Nicknames and Clock Synchronization

After the first transaction, the server's AUTH_DES authentication subsystem returns in its verifier to the client an integer nickname. The client can use this nickname in its further transactions instead of passing its net name, encrypted DES key, and window every time. The nickname is most likely an index into a table on the server that stores for each client its net name, decrypted DES key, and window. It should however be treated as opaque data by the client.

Though originally synchronized, client and server clocks can get out of sync. If this situation occurs, the client RPC subsystem most likely receives an RPC_AUTHERROR at which point it should resynchronize.

A client can still get the RPC_AUTHERROR error even though it is synchronized with the server. The server's nickname table is a limited size, and it can flush entries as needed. The client should resend its original credential and the server gives the client a new nickname. If a server crashes, the entire nickname table is flushed, and all clients have to resend their original credentials.