[PATCH] Fix bug #9039 'map untrusted to domain' treats WORKSTATION as bogus domain.

Jeremy Allison jra at samba.org
Fri Feb 22 18:02:35 MST 2013

This bug was caused as a side effect of commit
which explicitly removes our global sam name
from the list of trusted domains (which was the
correct thing to do), but caused this undesirable

Here's my assessment from the bug report:

Absolutely correct! It's a side effect of commit
dc3a90cf21813526854c12db126d08ebf32f8ae5 for sure.

The only other place this is used is in:

source3/rpc_server/netlogon/srv_netlog_nt.c where we have:

1666                 /* If we don't know what this domain is, we need to
1667                    indicate that we are not authoritative.  This
1668                    allows the client to decide if it needs to try
1669                    a local user.  Fix by jpjanosi at us.ibm.com, #2976 */
1670                 if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)
1671                      && !strequal(nt_domain, get_global_sam_name())
1672                      && !is_trusted_domain(nt_domain) )
1673                         *r->out.authoritative = false; /* We are not
authoritative */

Your change adds the same check. I'll get this reviewed and in master.

Can I get a second reviewer please !


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-bug-9039-map-untrusted-to-domain-treats-WORKSTAT.patch
Type: text/x-diff
Size: 1196 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130222/9bc3159a/attachment.patch>

More information about the samba-technical mailing list