svn commit: samba r10852 - in branches/SAMBA_4_0/source: include
libcli/composite winbind
vlendec at samba.org
vlendec at samba.org
Sun Oct 9 20:32:26 GMT 2005
Author: vlendec
Date: 2005-10-09 20:32:24 +0000 (Sun, 09 Oct 2005)
New Revision: 10852
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10852
Log:
Continuation-based programming can become a bit spaghetti...
Initialize a domain structure properly. Excerpt from wb_init_domain.c:
/*
* Initialize a domain:
*
* - With schannel credentials, try to open the SMB connection with the machine
* creds. Fall back to anonymous.
*
* - If we have schannel creds, do the auth2 and open the schannel'ed netlogon
* pipe.
*
* - Open LSA. If we have machine creds, try to open with ntlmssp. Fall back
* to schannel and then to anon bind.
*
* - With queryinfopolicy, verify that we're talking to the right domain
*
* A bit complex, but with all the combinations I think it's the best we can
* get. NT4, W2k3SP1 and W2k all have different combinations, but in the end we
* have a signed&sealed lsa connection on all of them.
*
* Is this overkill? In particular the authenticated SMB connection seems a
* bit overkill, given that we do schannel for netlogon and ntlmssp for
* lsa later on w2k3, the others don't do this anyway.
*/
Thanks to Jeremy for his detective work, and to the Samba4 team for providing
such a great infrastructure.
Next step is to connect to SAM. Do it via LDAP if we can, fall back to samr
with all we have.
Volker
Added:
branches/SAMBA_4_0/source/winbind/wb_init_domain.c
Modified:
branches/SAMBA_4_0/source/include/structs.h
branches/SAMBA_4_0/source/libcli/composite/composite.c
branches/SAMBA_4_0/source/winbind/config.mk
branches/SAMBA_4_0/source/winbind/wb_async_helpers.c
branches/SAMBA_4_0/source/winbind/wb_samba3_cmd.c
branches/SAMBA_4_0/source/winbind/wb_server.h
Changeset:
Sorry, the patch is too large (1057 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=10852
More information about the samba-cvs
mailing list