[PATCH]: wbc: expand wbcAuthUserParams to pass
alternate domain\user
Steven Danneman
steven.danneman at isilon.com
Tue May 19 23:27:25 GMT 2009
>
> Steven Danneman wrote:
>
> > Eliminating support for "username map" in conjunction with NTLMv2
> would
> > remove the need to pass a second username through wbc. This is of
> > course a decent feature limitation.
>
> I was just curious. Not suggesting it as a real change. Just
> wondering about limiting the scope of the problem.
>
>
> > As far as having the correct domain, which was used to create the
> hash,
> > from the V2Response blob, empirically I haven't seen this. From
> Vista,
> > if a NULL domain is sent, the V2Response blob still contains the
> NetBios
> > name of the server. I've attached a pcap.
>
> Yeah. I see that in the trace. Thanks. Helped a bunch. Not sure
> that we could generalize anything from it. The DNS domain name is
NULL
> as would be expected so I would bet there is some correlation.
> I'll look into it some more, but unless I have any working solution,
> I'd have to agree with the structure change. Of course, that is just
> from a technical code audit PoV and has no real bearing on whether
> the change is accepted into upstream.
>
Thanks for the thorough review and questions. Certainly, changing
existing functionality in the wbc API isn't something that should be
done lightly or without review.
-Steven
More information about the samba-technical
mailing list