trusted domains patch n+3
Rafal Szczesniak
mimir at diament.ists.pwr.wroc.pl
Fri Sep 6 14:38:01 GMT 2002
On Fri, Sep 06, 2002 at 04:42:53PM +0200, Simo Sorce wrote:
> On Fri, 2002-09-06 at 15:56, Andrew Bartlett wrote:
> > One is the username they wanted, the other is the username they got
> > (after the username map file). Similarly for domains - if the domain
> > they wanted is trusted, and we are not allowing trusted domains, or if
> > the domain doesn't exist, then we replace it with our own domain.
> >
> > We may still need their original username/domain for authenticaion
> > (NTLMv2 comes to mind in particular), hence why we keep both.
>
> What are you trying to do there?
> Why should we replace a domain name with another???
For instance, when lp_allow_trusted_domains() is set to false,
then user's domain name should is replaced with our domain name.
Authentication modules will then look for username in our domain's
SAM instead querying trusted domains.
I hope I understood your question well...
--
cheers,
+------------------------------------------------------------+
|Rafal 'Mimir' Szczesniak <mimir at diament.ists.pwr.wroc.pl> |
|*BSD, GNU/Linux and Samba /
|__________________________________________________________/
More information about the samba-technical
mailing list