[PATCH] Try to cleanup auth

Andrew Bartlett abartlet at samba.org
Thu Jul 3 14:43:52 GMT 2003


On Fri, 2003-07-04 at 00:36, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On 3 Jul 2003, Andrew Bartlett wrote:
> 
> > This patch attempts to fix some bugs for VL, and cleans up some of the
> > auth subsystem for a 'cleaner' fix on what jerry did.
> 
> Looks ok to me.  2 comments
> 
>   * I don't get the use of the unix_name addition.  What 
>     purpose is it suppose to serve?

The idea is to keep the username 'domain\user' seperate from the NT
username.  This means we can take the NT username off the winbind reply,
and pass it on to the SAMLOGON reply, and not mess with it.  That way,
it should remain the username that all (NT-level) parties expect.

>   * I still think we need to have some way for an auth method
>     to say "I am authoritative for this user.  No need to move
>     on."  A BOOL final flag to the auth funcitons would be enough.
>     But for now, saying not implemented in auth_winbind for domains
>     matching get_global_sam_name() works.  If it comes back up 
>     again we can revisit this issue.

Yep, I think we could need this.

> But neither of these are reasons for not going ahead and checking 
> it in.

Thanks, I've fixed up a couple of issues with it can checked it in. 
(The one to the list was a bit rushed, and didn't even compile - the one
in CVS had a good shakedown)

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030703/8ef68057/attachment.bin


More information about the samba-technical mailing list