[PATCH] winbind interface to extract SIDs from PAC
Volker Lendecke
Volker.Lendecke at SerNet.DE
Wed Jul 18 06:09:51 MDT 2012
On Wed, Jul 18, 2012 at 08:03:42AM -0400, simo wrote:
> It would be saner to have a call to prime winbindd cache with a PAC, and
> then just use the normal initgroups calls.
We have the netsamlogon_cache.tdb, smbd primes it after
verifying the ticket. If we extended the wbcAuthUserParams
with a ticket field and called wbcAuthenticateUserEx with
that info, this would be the natural call to prime that
cache from inside winbindd after verification. The initial
code would just extract the exact same info the NTLM call
does.
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de
More information about the samba-technical
mailing list