how flexible is domain authentication?
abartlet at samba.org
Sun Oct 26 21:34:09 GMT 2003
On Mon, 2003-10-27 at 06:50, Brandon Craig Rhodes wrote:
> Brandon Craig Rhodes <brandon at oit.gatech.edu> writes:
> > This sounds almost exactly like what we need; say, a configuration
> > file option "rewrite user domain = CAMPUS_AUTH" that causes all users
> > trying to authenticate to appear to be in the foreign "CAMPUS_AUTH"
> > domain, rather than in the local domain of the group-level server.
> > ... Where in the code is the process you outlined above - where an
> > unrecognized client domain is rewritten - undertaken?
> Update: on a whim I searched the source tree for "unknown domain" and
> was whisked directly to the make_user_info_map() function which seems
> precisely the function I want to modify. I am going to try to add the
> above-described feature and may post a patch as early as tonight if it
> works, so others caught in our situation might find a way out.
Now I'm a bit confused - if this works, then simply joining the Samba
server to the CAMPUS_AUTH domain should also have 'just worked' (with
Samba 3.0), as the unknown client domains would have been mapped to
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20031027/3f80d051/attachment.bin
More information about the samba-technical