how flexible is domain authentication?

Andrew Bartlett abartlet at
Sun Oct 26 21:34:09 GMT 2003

On Mon, 2003-10-27 at 06:50, Brandon Craig Rhodes wrote:
> Brandon Craig Rhodes <brandon at> writes:
> > This sounds almost exactly like what we need; say, a configuration
> > file option "rewrite user domain = CAMPUS_AUTH" that causes all users
> > trying to authenticate to appear to be in the foreign "CAMPUS_AUTH"
> > domain, rather than in the local domain of the group-level server.
> >
> > ... Where in the code is the process you outlined above - where an
> > unrecognized client domain is rewritten - undertaken?
> Update: on a whim I searched the source tree for "unknown domain" and
> was whisked directly to the make_user_info_map() function which seems
> precisely the function I want to modify.  I am going to try to add the
> above-described feature and may post a patch as early as tonight if it
> works, so others caught in our situation might find a way out.

Now I'm a bit confused - if this works, then simply joining the Samba
server to the CAMPUS_AUTH domain should also have 'just worked' (with
Samba 3.0), as the unknown client domains would have been mapped to

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list