[PATCH]: wbc: expand wbcAuthUserParams to pass
alternate domain\user
Gerald Carter
jerry at plainjoe.org
Tue May 19 21:20:36 GMT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Steven Danneman wrote:
> Username mapping, for local users, is done pre-authentication so
> that the mapped-to user and password will be used in the authentication
> checks. This is what auth_sam.c does. This gives us the on-the-wire
> user, used in the hash, "smb_name" and the mapped-to user "internal_username".
Steven,
If you disallow "username map" for local NLTMv2 support, would that
simplify the problem? And secondly (forgive me if this is totally
off the wall), could you not just retrieve the original target name from
V2Response blob? I don't have a Vista client handy to verify
the empty domain name right now. So I don't know if the "NetBios
Hostname" (name type 0x1) is the same as the name used when generating
the V2 Hash.
cheers, jerry
- --
=====================================================================
http://www.plainjoe.org/
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFKEyKcIR7qMdg1EfYRAs7gAJ9sfZfNLNJu8xlh0e3otBwnQnpOIQCeKuNV
5I98EfQdmoDODyBg/eS/jfA=
=qN2C
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list