domain_client_validate() in smbd/password.c
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Thu Feb 18 00:18:34 GMT 1999
On Wed, 17 Feb 1999, Matt Chapman wrote:
> Luke Kenneth Casson Leighton wrote:
> > nt-pdc1 nt-pdc2 samba-memberof-nt-pdc2
> > trust between nt-pdc1 and nt-pdc2. clients in nt-pdc2's domain can access
> > samba-memoberof-nt-pdc2. clients in nt-pdc1: no, i don't think so.
> > maybe! try it!
> Methinks it should work; the workstation-level SamLogon to pdc2 should
> be the same, and pdc2 is then responsible for the domain-level
> SamLogon to pdc1.
yeah. samba should just pass-through the auth-info from the
client-of-nt-pdc1, domain-name and all, through to nt-pdc2. nt-pdc2,
which has a working trust-relationship with nt-pdc1, should pass-through
to nt-pdc1. nt-pdc1 verifies and it gets passed all the way back again.
More information about the samba-technical