[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0pre2-718-g4c20bd3

Karolin Seeger kseeger at samba.org
Wed Apr 16 13:11:20 GMT 2008


The branch, v3-2-stable has been updated
       via  4c20bd30fa5e9ee698148c50bc908a9d56496c5a (commit)
       via  c38081c6bae91608e1f76fc351d08749ff1e194f (commit)
      from  93ab530b6a12a779aa4f5065465c8aba96094c6d (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable


- Log -----------------------------------------------------------------
commit 4c20bd30fa5e9ee698148c50bc908a9d56496c5a
Author: Günther Deschner <gd at samba.org>
Date:   Thu Mar 27 18:05:02 2008 +0100

    Fix typo.
    
    Guenther
    (cherry picked from commit fed644372916a5e565e4f5352aab61b39a3a42a0)

commit c38081c6bae91608e1f76fc351d08749ff1e194f
Author: Gerald W. Carter <jerry at samba.org>
Date:   Thu Mar 27 11:56:29 2008 -0500

    Don't fill password policy structure for any domain other than our own.
    
    The samr connects will fail.  This is not independent of the CONTACT_TRUSTDOM
    flag neede by krb5 logins.
    (cherry picked from commit 4de4949e3bfcfb2169c329f19cb76936d9043d50)

-----------------------------------------------------------------------

Summary of changes:
 source/winbindd/winbindd_pam.c |   16 ++++++++++++++--
 1 files changed, 14 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/winbindd/winbindd_pam.c b/source/winbindd/winbindd_pam.c
index 5ca8f79..bc27f3d 100644
--- a/source/winbindd/winbindd_pam.c
+++ b/source/winbindd/winbindd_pam.c
@@ -1638,12 +1638,24 @@ process_result:
 
 
 		if (state->request.flags & WBFLAG_PAM_GET_PWD_POLICY) {
-			result = fillup_password_policy(domain, state);
+			struct winbindd_domain *our_domain = find_our_domain();
+
+			/* This is not entirely correct I believe, but it is
+			   consistent.  Only apply the password policy settings
+			   too warn users for our own domain.  Cannot obtain these 
+			   from trusted DCs all the  time so don't do it at all. 
+			   -- jerry */
+
+			result = NT_STATUS_NOT_SUPPORTED;
+			if (our_domain == domain ) {
+				result = fillup_password_policy(our_domain, state);
+			}
 
 			if (!NT_STATUS_IS_OK(result) 
 			    && !NT_STATUS_EQUAL(result, NT_STATUS_NOT_SUPPORTED) ) 
 			{
-				DEBUG(10,("Failed to get password policies: %s\n", nt_errstr(result)));
+				DEBUG(10,("Failed to get password policies for domain %s: %s\n", 
+					  domain->name, nt_errstr(result)));
 				goto done;
 			}
 		}


-- 
Samba Shared Repository


More information about the samba-cvs mailing list