trusted domains patch n+3

Rafal Szczesniak mimir at
Fri Sep 6 14:38:01 GMT 2002

On Fri, Sep 06, 2002 at 04:42:53PM +0200, Simo Sorce wrote:
> On Fri, 2002-09-06 at 15:56, Andrew Bartlett wrote:
> > One is the username they wanted, the other is the username they got
> > (after the username map file).  Similarly for domains - if the domain
> > they wanted is trusted, and we are not allowing trusted domains, or if
> > the domain doesn't exist, then we replace it with our own domain.  
> > 
> > We may still need their original username/domain for authenticaion
> > (NTLMv2 comes to mind in particular), hence why we keep both.
> What are you trying to do there?
> Why should we replace a domain name with another???

For instance, when lp_allow_trusted_domains() is set to false,
then user's domain name should is replaced with our domain name.
Authentication modules will then look for username in our domain's
SAM instead querying trusted domains.

I hope I understood your question well...

|Rafal 'Mimir' Szczesniak <mimir at>   |
|*BSD, GNU/Linux and Samba                                  /

More information about the samba-technical mailing list