[PATCH]Authentication failures with security=server

Andrew Bartlett abartlet at samba.org
Fri Jun 21 16:45:02 GMT 2002


Richard Sharpe wrote:
> 
> On Fri, 21 Jun 2002, Andrew Bartlett wrote:
> 
> > Juergen Hasch wrote:
> > >
> > > Hi,
> > >
> > > this is a simple backport of Andrew Bartlett's mutex fix from HEAD to 2.2.5.
> > > It fixes spurious authentication failures when using security=server.
> >
> > For the record, this is the Win2k parallel connections bug.
> >
> > That patch doesn't look right - there is an anonymous session setup in
> > the HEAD code.  This is deliberate - the connection will not be reset
> > after an anonymous session setup.  This patch should still have races in
> > it.
> 
> A lot of that is already in 2.2.5, AFAIK, as well.

No, this is only in 2.2.5 for 'security=domain'.  The code that Jurgen
is porting across extends the fix to security=server.  

Now running security=server against a win2k domain controller is
extremely ill-advised, I understand that it is occasionally necessary -
hence why Jurgan made up the patch, and why I asked him to post it to
the list.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list