A possible approach to handling SID compression on member servers ...
Andrew Bartlett
abartlet at samba.org
Sat Jun 14 18:38:40 MDT 2014
On Sat, 2014-06-14 at 12:53 -0700, Richard Sharpe wrote:
> Hi folks,
>
> Here is what I am thinking of. It is incomplete, in that the meat
> needs to be added, but I merge the resource SIDs into the ExtraSIDS
> portion of the info3 before we create the server_info structure.
>
> This also means that we save the correct set of SIDs in the
> netsamlogon cache as well.
>
> Since we throw away the logon_info structure we extract from the PAC
> it should not matter that we modify it.
>
> Let me know if there are any violent objections.
I would much rather to do this on a copy, as style of accessor function.
We have functions to copy this structure (which at the same time should
be rewritten to use a pull/push via NDR).
That is, something like get_full_info3_from_PAC().
Also, make sure you handle (or remove, if obsolete) the calls in
source3/winbindd/winbind_pam.c
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list