[PATCH]: wbc: expand wbcAuthUserParams to pass alternate domain\user

Steven Danneman steven.danneman at isilon.com
Tue May 19 23:27:25 GMT 2009

> Steven Danneman wrote:
> > Eliminating support for "username map" in conjunction with NTLMv2
> would
> > remove the need to pass a second username through wbc.  This is of
> > course a decent feature limitation.
> I was just curious.  Not suggesting it as a real change.  Just
> wondering about limiting the scope of the problem.
> > As far as having the correct domain, which was used to create the
> hash,
> > from the V2Response blob, empirically I haven't seen this.  From
> Vista,
> > if a NULL domain is sent, the V2Response blob still contains the
> NetBios
> > name of the server.  I've attached a pcap.
> Yeah.  I see that in the trace.  Thanks.  Helped a bunch.  Not sure
> that we could generalize anything from it.  The DNS domain name is
> as would be expected so I would bet there is some correlation.
> I'll look into it some more, but unless I have any working solution,
> I'd have to agree with the structure change.  Of course, that is just
> from a technical code audit PoV and has no real bearing on whether
> the change is accepted into upstream.

Thanks for the thorough review and questions.  Certainly, changing
existing functionality in the wbc API isn't something that should be
done lightly or without review.


More information about the samba-technical mailing list