[PATCH] DNS and Subdomain patches
Stefan (metze) Metzmacher
metze at samba.org
Wed Sep 3 10:36:21 MDT 2014
Hi Andrew,
>> Except for SAMR (which we should avoid as much as we can) we should only
>> ever contact
>> directly trusted domains and allow the remote dc forward netlogon and
>> lsa requests.
>>
>> In addition to NETLOGON and LSA we could have a drsuapi connection
>> (using krb5)
>> for our own domain and other direct trusts.
>> Windows seems to forward LSA Lookup calls as DsCrackNames calls
>> (maybe only to GC servers).
>
> So, with lots of work to do and a larger refactor of winbindd proposed
> above, how do you suggest we proceed? Are you able to work on some of
> this?
Only small fixes here and there, sorry.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140903/66e33761/attachment.pgp>
More information about the samba-technical
mailing list