svn commit: samba r13895 - branches/SAMBA_3_0/source/nsswitch trunk/source/nsswitch

Andrew Bartlett abartlet at
Sat Mar 11 11:11:27 GMT 2006

On Thu, 2006-03-09 at 17:14 +0100, Guenther Deschner wrote:
> Hi Volker,
> On Mon, Mar 06, 2006 at 08:18:19PM +0000, vlendec at wrote:
> > Author: vlendec
> > Date: 2006-03-06 20:18:18 +0000 (Mon, 06 Mar 2006)
> > New Revision: 13895
> > 
> > WebSVN:
> > 
> > Log:
> > As agreed upon with gd on the phone, remove WBFLAG_PAM_CONTACT_TRUSTDOM. This
> > can not work for NTLM auth, where we only have a workstation account for our
> > own domain. For the PAM Kerberos login we need to find a better way to do
> > this, probably using Dsr_GetDCName and some winbind-crafted krb5.conf.
> The interesting thing is that it *was* working (just verified with two NT4
> domains) and that it is *still* working after your patch. Apparently there
> is no extra work required to make a login with pam_winbind work using
> NTLM. Checking the krb5 case next. 

I'm pretty sure I added this originally.  The flag was meant for when we
are a DC, due to some ideas about loops between winbindd and the
localhost smbd.   But this code changed around a lot...

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list