master4-schannel-ok

Stefan (metze) Metzmacher metze at samba.org
Mon Jan 20 00:55:28 MST 2014


Hi Andrew,

>>> can you review the attached patches from my master4-schannel-ok
>>> branch.
>>>
>>> It seems that the use computer name in ServerAuthenticate must be at most
>>> 15 characters long.

Here's an updated patchset from my
https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=refs/heads/master4-schannel-ok
branch.

We no longer alter the computer name in a cluster, we instead rely on
ctdb readonly records to keep the performance. It seems that all DCs
from Windows 2000 and Samba 3.0 (lastest) support netrLogonSamLogonEx.
Only Windows NT 4.0 needs netrLogonSamLogon() and locking/write per
authentication,
which would involve cluster communication. But it would be still better
than current situation, where each authentication resets the connection
state
within winbindd of all other cluster nodes.

metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tmp.diff
Type: text/x-diff
Size: 15847 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140120/d841d2bc/attachment.diff>


More information about the samba-technical mailing list