re-allow "net ads" to contact other AD domains

Gerald (Jerry) Carter jerry at
Thu Jul 6 19:16:16 GMT 2006

Hash: SHA1

Guenther Deschner wrote:
> Hi Jerry,
> in the turn of re-allowing the various "net ads" tools to 
> work also against ADs outside our domain (or unjoined
> domains, etc.), I realized that we should better distinguish
> the calls that may go to any server (search, lookup,
> info, etc.) and those that only should go to our own AD
> DC (join, leave, printer publish, keytab, etc.).
> Looks ok? 
> We need to fix that, as there are tools outside relying 
> on e.g. "net ads lookup -S whatever_LDAP_server"
> to actually go to that machine to check for AD support...

Yeah.  The patch looks fine.  I was going to add the
check for a NULL domain in the cldap sednd code as well.
Thanks for that.

Can we hold this until 3.0.23a ?  I mean go ahead and
check it in, but I'll a little nervous about merging to
the release tree at this point.

cheers, jerry
Samba                                    -------
Centeris                         -----------
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE -


More information about the samba-technical mailing list