How to ignore trusted domains completely?
Gerald (Jerry) Carter
jerry at samba.org
Thu Oct 11 13:28:07 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dmitry Butskoy wrote:
> Our AD has several trusted domains. These domains are reported to
> winbind daemon, and then winbind tries to contact the correspond DCs.
> The "allow trusted domains = no" does not affect winbind in this context.
That would be a BUG IMO. Where still talking about the 3.0.26a
installation with idmap_rid correct?
> I would like to ignore these domains for some reasons:
>
> - Their DCs are very far geographically, the network channels for them
> is too low, or even not reachable at all (from our Samba hosts exactly).
...
> (I am aware of "winbind enum", and don't want to disable this...)
Understood. We still should ignore trusted domains if you tell
us to. So enumeration is not the root cause.
Looking at the code, it appears that disabling trusted domains
regressed. Not sure when.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHDiTnIR7qMdg1EfYRAmWbAJ9G2qO+9Jp7EafVWYHXf3BkLF9I1ACgkHXT
4eEiEkZyYATobxp7H6a01Eg=
=lde/
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list