[PATCH] s3-winbindd: Store schannel credentials in secrets.tdb

Andrew Bartlett abartlet at samba.org
Tue Jul 31 17:37:40 MDT 2012

On Tue, 2012-07-31 at 17:21 -0600, Christof Schmitt wrote:
> This fixes a failure from the base.bench-torture test. The test can
> fail when multiple netlogon connections to the same domain controller
> are established. The domain controller only keeps one set of
> credentials for schannel connections, and the discussion in bz #8599
> suggested to store the credentials in a tdb.
> The patch stores the netlogon credentials per domain controller in
> secrets.tdb. If there are already credentials before establishing a
> netlogon session, those credentials are reused. If the reused
> credentials are no longer valid, they are deleted and the netlogon
> session is established with new credentials.

This seems to duplicate the code in libcli/auth/schannel_state_tdb.c
which is used for the same task on the server side.  

I know it might mean sorting this out to be dbwrap aware, but I would
really like to reduce the duplication in this area. 

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list