[PATCH] ADS "demote" fix
Antti Andreimann
Antti.Andreimann at mail.ee
Sun Jul 20 01:55:20 GMT 2003
Hi!
Problem description:
When non-kerberos client connects to samba the trust account in AD gets
demoted to NT4.0 and kerberos tickets cease to work.
Proposed solution:
Disable winbind:domain authentication and use smbserver authentication
instead in source/auth/auth.c
Implementation status:
Included patch implements the change. It should apply cleanly to 3.0.0beta3
as well as to CVS as of 20.07.2003 01:00 GMT
Testing status:
I have tested the change on alpha24 (and it is able to "fool" the AD), but
not on beta3 or latest CVS, however the change is so trivial it should
work.
Marc, can You please test it in Your environment and report if it helped
with the demotion problem?
--
Antti Andreimann
Using Linux since 1993
Member of ELUG since 29.01.2000
More information about the samba-technical
mailing list