Winbind offline mode
Guenther Deschner
gd at samba.org
Tue Feb 7 17:58:36 GMT 2006
Hi Volker,
On Mon, Feb 06, 2006 at 11:38:34PM +0100, Volker Lendecke wrote:
> Hi, Günther!
>
> Playing with winbind offline mode... I needed the attached
> patch to make the obvious test work in an NT4 domain:
>
> I started winbind, ran wbinfo -a, told it to go offline with
> smbcontrol, ran wbinfo -a again, and it would not work as is
> right now.
>
> Two reasons:
>
> A valid name2sid entry is needed in the cache. Probably a
> full PAM login gets that, but wbinfo -a does not.
Right.
> NT4 gives 0 as account flags in the samlogon info3 response.
> So the test in winbindd_dual_pam_auth_cached failed for me.
This is weird, but actually there are quite some subtile differences
between the info3 in a samlogon reply and in the Kerberos PAC.
>
> You might want to consider the patch.
Thanks a lot!
Guenther
--
Günther Deschner GPG-ID: 8EE11688
Novell / SUSE LINUX gd at suse.de
Samba Team gd at samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060207/0453a044/attachment.bin
More information about the samba-technical
mailing list