Flushed pending centeris patch queue

[Guenther Deschner]

Hi Jerry,

first of all: wow! an impressing piece of work. I fully understand your 
patch pressure :)

Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hey guys,
> 
> I've pushed out all my pending patches for winbindd except:
> 
> (a) security = ads & machine password change in winbindd
> (b) username map support for winbindd

I send you my UPN logon patch in a separate mail today.

> Since these might possibly require some discussion and general
> agreement, I'll post patches to the list here.
> 
> The major merges are
> 
> 1.  Maintaining the full trust topology (including transitive
>     trusts).  These should be accessed by child processes
>     using the wcache_tdc_xxx() functions.

Could we expand the winbindd_tdc_domain structure more so that it can 
contain at least a flag indicating whether we know if one of the remote 
domains is AD or not? We need to have this to have our "logon offline in 
AD domain, register krb5 ticket gain handler, device comes up, automatic 
ticket aquisition" path still working.

> 4.  Updated set_dc_and_flags() functionality based on trust
>     information from our primary domain.  This means we
>     should be able to avoid contacting remote domains
>     (inside our forest).

This relates to the above then.

> 
> There's other minor fixes. 

One was the LOGON_KRB5_FAIL_CLOCK_SKEW info3 flag, that one you just 
define yourself and is not part of the dc-returned info3 structure, right?

Thanks,
Guenther

-- 
Günther Deschner                    GPG-ID: 8EE11688
Red Hat                         gdeschner at redhat.com
Samba Team                              gd at samba.org