Subdomain support in the AD DC!

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Sep 11 14:21:58 CEST 2013


On Wed, Sep 11, 2013 at 02:16:31PM +1200, Andrew Bartlett wrote:
> On Tue, 2013-09-10 at 10:53 +0200, Volker Lendecke wrote:
> > On Tue, Sep 10, 2013 at 10:27:53AM +1200, Andrew Bartlett wrote:
> > > If you want to help out, a specific, defined and useful task you could take on is:
> > > 
> > > Provide an IRPC listener for the SamLogon call, glued in to the existing
> > > SamLogon handlers.  You can use ntlm_auth4
> > > --helper-protocol=squid-2.5-ntlmssp to test it (it speaks the IRPC
> > > protocol when handling NTLMSSP).  You may or may not wish to merge the
> > > messaging code first, but that shouldn't be needed to get it going. 
> > > 
> > > Getting this much working would make a massive difference to being able
> > > to swap in the source3 winbind, and lay the ground-work for the other
> > > calls we need. 
> > 
> > This is called from source4/auth/ntlm/auth_winbind.c?
> 
> Yes.

Question: To me this looks pretty similar to what
wbcAuthenticateUserEx does or can do. What is missing from
that call that makes an irpc interface necessary?

Correct me if I'm wrong, but isn't this one of the core
nested event loops we have? If we wrote a nested-event-loop
wbcAuthenticateUserEx flavor, couldn't that do it as well?

Volker

-- 
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

*****************************************************************
visit us on it-sa:IT security exhibitions in Nürnberg, Germany
October 8th - 10th 2013, hall 12, booth 333
free tickets available via code 270691 on: www.it-sa.de/gutschein
******************************************************************


More information about the samba-technical mailing list