smbd/reply.c 2.2.8a test local workgroup patch
abartlet at samba.org
Sat Jun 21 00:28:11 GMT 2003
On Sat, 2003-06-21 at 07:30, Richard Sharpe wrote:
> On Fri, 20 Jun 2003, Matthew Moffitt wrote:
> > >Surely that means that you must have authentication information for all
> > >users in two places: The domain they are in and the domain your Samba
> > >server is in.
> > >
> > >If so, what about the headache of keeping the passwords sync'd?
> > Not so, the samba servewr is in the same domain as the users. The
> > problem is with people coming in from elsewhere (home, remote offices,
> > external departments, etc). In this case their computers are not in our
> > domain, maybe not in any domain.
> > Simply put, when somebody is connecting to a server in MYDOMAIN I want
> > it to look for their account in MYDOMAIN, not their home PC's workgroup.
> Ok, I now realize that the diff you sent me confused me as well.
> We tend to like unified diffs around here (diff -u).
> I would be tempted to say that this sort of feature should be under the
> control of a parameter, but we have too many parameters.
It already is :-). Samba 3.0 have an 'allow trusted domains' parameter
(I'm pretty sure it must have been in 2.2. as well) and also takes some
pains to ensure that any specified username exists - ie the domain must
exist in the list of trusted domains.
I think this should solve all your problems.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030621/edc2c56a/attachment.bin
More information about the samba-technical