svn commit: samba r10852 - in branches/SAMBA_4_0/source: include libcli/composite winbind

vlendec at samba.org vlendec at samba.org
Sun Oct 9 20:32:26 GMT 2005 

Author: vlendec
Date: 2005-10-09 20:32:24 +0000 (Sun, 09 Oct 2005)
New Revision: 10852

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10852

Log:
Continuation-based programming can become a bit spaghetti...

Initialize a domain structure properly. Excerpt from wb_init_domain.c:

/*
 * Initialize a domain:
 *
 * - With schannel credentials, try to open the SMB connection with the machine
 *   creds. Fall back to anonymous.
 *
 * - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
 *   pipe.
 *
 * - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
 *   to schannel and then to anon bind.
 *
 * - With queryinfopolicy, verify that we're talking to the right domain
 *
 * A bit complex, but with all the combinations I think it's the best we can
 * get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
 * have a signed&sealed lsa connection on all of them.
 *
 * Is this overkill? In particular the authenticated SMB connection seems a
 * bit overkill, given that we do schannel for netlogon and ntlmssp for 
 * lsa later on w2k3, the others don't do this anyway.
 */

Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.

Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.

Volker

Added:
   branches/SAMBA_4_0/source/winbind/wb_init_domain.c
Modified:
   branches/SAMBA_4_0/source/include/structs.h
   branches/SAMBA_4_0/source/libcli/composite/composite.c
   branches/SAMBA_4_0/source/winbind/config.mk
   branches/SAMBA_4_0/source/winbind/wb_async_helpers.c
   branches/SAMBA_4_0/source/winbind/wb_samba3_cmd.c
   branches/SAMBA_4_0/source/winbind/wb_server.h


Changeset:
Sorry, the patch is too large (1057 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10852

More information about the samba-cvs mailing list