[PATCH]: wbc: expand wbcAuthUserParams to pass alternate domain\user

Gerald Carter jerry at plainjoe.org
Tue May 19 23:16:35 GMT 2009

Hash: SHA1

Steven Danneman wrote:

> Eliminating support for "username map" in conjunction with NTLMv2 would
> remove the need to pass a second username through wbc.  This is of
> course a decent feature limitation.

I was just curious.  Not suggesting it as a real change.  Just
wondering about limiting the scope of the problem.

> As far as having the correct domain, which was used to create the hash,
> from the V2Response blob, empirically I haven't seen this.  From Vista,
> if a NULL domain is sent, the V2Response blob still contains the NetBios
> name of the server.  I've attached a pcap.

Yeah.  I see that in the trace.  Thanks.  Helped a bunch.  Not sure
that we could generalize anything from it.  The DNS domain name is NULL
as would be expected so I would bet there is some correlation.
I'll look into it some more, but unless I have any working solution,
I'd have to agree with the structure change.  Of course, that is just
from a technical code audit PoV and has no real bearing on whether
the change is accepted into upstream.

cheers, jerry
- --
http://git.plainjoe.org/                                         CODE
"What man is a man who does not make the world better?"      --Balian
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the samba-technical mailing list