winbindd: msrpc vs. ads methods & domain trusts between ADS and NT4
Chere Zhou
qzhou at isilon.com
Wed Jun 4 19:29:36 GMT 2003
I have a 2 way trust between w2k domain and nt4 domain. Join samba 3.0 into
the w2k domain as a member. It does not seem to work with nt4 users.
Looking at winbindd code, I found that all domain->methods point to the cache
methods, the cache methods then point to either msrpc or ads methods
depending on lp_security(). So if I set security=ads, msrpc methods are not
even going to be used at all. This structure will certainly not work with
trusts between w2k and nt4 domains.
Is there an easy way to fix this? I can't think of anything right now. I
think in order to make this work, we will need to figure out what type of
domain this is when doing add_trusted_domains, and set the domain->methods to
the correct msrpc or ads methods, instead of the cache methods right now.
Then change the call into cache methods to call directly instead of
domain->methods, and use domain->methods for the calls from the cache methods.
Where can I find more information about the current design, concern? What
might be a better solution to fix this? Anybody working on this right now?
Thanks,
Chere
More information about the samba-technical
mailing list