CVS update: samba/source/nsswitch
Andrew Bartlett
abartlet at samba.org
Fri Aug 1 10:15:13 GMT 2003
On Thu, 2003-07-31 at 15:43, jerry at samba.org wrote:
> Date: Thu Jul 31 05:43:47 2003
> Author: jerry
>
> Update of /data/cvs/samba/source/nsswitch
> In directory dp.samba.org:/tmp/cvs-serv8891/nsswitch
>
> Modified Files:
> Tag: SAMBA_3_0
> winbindd_ads.c winbindd_cache.c winbindd_cm.c winbindd_pam.c
> winbindd_util.c
> Log Message:
> working on transtive trusts issue:
>
> * use DsEnumerateDomainTrusts() instead of LDAP search.
> wbinfo -m now lists all trusted downlevel domains and
> all domains in the forest.
>
> Thnigs to do:
>
> o Look at Krb5 connection trusted domains
> o make sure to initial the trusted domain cache as soon
> as possible
To avoid situations where trusted domains have restrict anonymous set,
we should try and do a krb5 login for these connections, with the
machine account. (Yes, with krb5 machines can establish an SMB
connection, including creation of files etc :-)
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030801/c07b7f4d/attachment.bin
More information about the samba-technical
mailing list