svn commit: samba r6219 - in branches/SAMBA_4_0/source: librpc/rpc ntvfs/posix

Andrew Tridgell tridge at osdl.org
Wed Apr 6 23:05:23 GMT 2005


Richard,

 > I was testing Samba 4 joined as a domain member to an NT PDC, and
 > authentication was not working because we could not set up credentials for
 > the NetLogon channel.

Please back this change out, and your pvfs change.

For the schannel work, please add something like this for the moment:

  if (!lp_parm_bool(-1, "schannel", "128bit", True)) {
	p->conn->flags &= ~DCERPC_SCHANNEL_128;
  }

then use "schannel:128bit = False" in smb.conf or --option schannel:128bit=False
on the smbd command line.

That is a short term fix to allow you to do your work. The longer term
fix is to work out the _correct_ way to do this negotiation, and to
fix it rather than a "try one and then try the other" approach. I
would be very surprised to find that w2k->NT4 does this, instead I
would expect that the flags get chosen based on some other negotiation
path.

I know you were just being pragmatic, but it is important that we do
stuff like this properly and not just hack in something that
works. When we don't yet know how to do it properly, it is better to
have an option for the moment.

Cheers, Tridge


More information about the samba-technical mailing list