domain_client_validate
Luke Kenneth Casson Leighton
lkcl at regent.push.net
Wed Apr 29 10:32:44 GMT 1998
jeremy,
the domain passed to machine_password_lock() should be the domain that is
received in the OEM information of the SMBsesssetupX. ok, not quite.
the OEM Domain info in the SesssetupX should be resolved by some means:
contact the DC for that domain and verify against that server.
on receipt of such a call, the server should check the domain name. if
the domain name does not match the server's own domain, then the server
should _also_ do a [recursive] "network" or "interactive" login as
appropriate: this is what trusted domains is all about.
so i have an NT server contacting regent, a samba server, and i tell it to
contact the same NT server for its password database :-) :-)
except that the NT server is in domain DB and the samba server is in
domain TEST3. so there is a little more work to do...
luke
More information about the samba-technical
mailing list