[PATCH]: wbc: expand wbcAuthUserParams to pass alternate domain\user

Kai Blin kai at samba.org
Tue May 19 08:02:35 GMT 2009


On Tuesday 19 May 2009 09:44:33 Stefan (metze) Metzmacher wrote:
> Hi Steven,
>
> > We need to expand the wbcAuthUserEx() interface somehow to allow passing
> > an alternate DOMAIN\user combination to our auth daemon.  This is
> > necessary when the auth daemon is checking an NTLMv2 hash, which was
> > built using the on-the-wire DOMAIN\user combination, but smbd has mapped
> > the domain to the server's local sam name (via make_user_info_map()) or
> > smbd has mapped the user (via the "username map" parameter).
>
> Does the auth daemon really needs both names?
> Maybe we can change the auth_wbc module to only pass the names needed
> for NTLMv2 in the account_name and domain_name fields of struct
> wbcAuthUserParms.

I should have thought of that. :) That sounds like the better solution.

What metze said.
Kai


-- 
Kai Blin
WorldForge developer  http://www.worldforge.org/
Wine developer        http://wiki.winehq.org/KaiBlin
Samba team member     http://www.samba.org/samba/team/
--
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba-technical/attachments/20090519/a9d2d422/attachment.bin


More information about the samba-technical mailing list