Different Domain Login.
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Feb 18 20:25:01 GMT 2000
ryan, it should not be necessary to do _exactly_ this, you should be able
to detect it.
i.e 2.0.x should _automatically_ substitute the correct domain.
On Sat, 19 Feb 2000, Ryan Wyler wrote:
> Well, I haven't received anything from the LIST as far as replys yet..
> but I went through the source code and added what I needed. If you know
> which list is better to submit these changes to let me know.
>
> I added a option in the smb.conf:
> Default Authenticaion Domain
>
> What it does is if you have that option specified, it will do a
> comparision to see if the Domain specified by the user is the same
> domain as the WORKGROUP of the sambaserver. If it is then it will
> change the domain to be lp_defaultauthdomain (which is the Default
> Authentication Domain). Below are my DIFFS, please review them and help
> me impliment this better if you see anything that needs to be changed,
> thanks!
>
> WAYBELOW is my origional post to samba-ntdom at samba.org
>
>
> FOLLOWING ARE MY DIFFS:
>
> -- smbd/reply.c --
> # diff smbd/reply.c.orig smbd/reply.c
> 787a788,794
> > /* Added by Ryan Wyler (ryan at nhorizon.net) */
> > if(*lp_defaultauthdomain) {
> > if(strequal(lp_workgroup(), domain)) {
> > fstrcpy(domain,lp_defaultauthdomain());
> > }
> > }
> >
>
> -- param/loadparm.c --
>
> # diff param/loadparm.c.orig param/loadparm.c
> 122a123
> > char *szDefaultAuthDomain;
> 540a542
> > {"default authentication domain", P_USTRING, P_GLOBAL, &Globals.szDefaultAuthDomain, NULL, NULL, FLAG_BASIC|FLAG_DOS_STRING},
> 1182a1185
> > FN_GLOBAL_STRING(lp_defaultauthdomain,&Globals.szDefaultAuthDomain)
>
>
> -- include/proto.h --
>
> # diff include/proto.h.orig include/proto.h
> 1006a1007
> > char *lp_defaultauthdomain(void);
>
>
>
> Ryan Wyler wrote:
> >
> > Here at motorola we are doing a 'TEST' implementation of samba.
> > Hopefully we will be able to replace our Novell servers with some
> > UltraEnterprise 4500's running Solaris/Samba instead of what Corporate
> > wants to go with (20+ NT Boxes.. AHHHH..).
> >
> > Everything is working great, samba is working awesome, it's very fast,
> > etc.. Our setup is as follows. The domain the samba server is on is
> > called 'NA2R1' and the USERDOMAIN where the PDC and BDCs sit is called
> > 'NA2'. There is a trust relationship between the two domains.
> >
> > I have the samba server setup to do security=domain, password server =
> > *. That is working great. Our ONLY complaint so far is when people
> > connect to it they have to connect with 'na2\username' instead of just
> > 'username'. Is there a way in the smb.conf to specify a default domain
> > to authenticate with??
> >
> > Like say something like "default authentication domain = NA2" so when a
> > user puts in for username 'username' it will automaticly throw the
> > 'na2\username' on there first, and if that does not authenticate then
> > try the 'na2r1\username'.
> >
> > Any suggestions would help. Thanks.
> >
> > --
> >
> > Ryan Wyler
> > SC4211 at email.mot.com Voice: (480) 732-4318
> > Motorola ITSS Pager: ryan.page at monitor.sat.mot.com
> > U N I X
> >
> > [ Unix is very Friendly ...
> > ... just pickier about who it makes friends with. ]
>
> --
>
> Ryan Wyler
> SC4211 at email.mot.com Voice: (480) 732-4318
> Motorola ITSS Pager: ryan.page at monitor.sat.mot.com
> U N I X
>
> [ Unix is very Friendly ...
> ... just pickier about who it makes friends with. ]
>
<a href="mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href="http://cb1.com/~lkcl" > Samba and Network Development </a>
<a href="http://samba.org" > Samba Web site </a>
<a href="http://www.iss.net" > Internet Security Systems, Inc. </a>
<a href="http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-ntdom
mailing list