Let winbindd work against a FreeIPA server
gd at samba.org
Mon Jan 5 09:01:36 MST 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 05/01/15 16:49, Stefan (metze) Metzmacher wrote:
> here're patches to improve the behavior of winbindd when
> contacting domain controllers of trusted ad domains.
> We should use the same code path as we use with "security = ads"
> for our primary domain, which means using DNS=>CLDAP with a
> fallback to netbios name and dc lookup.
> This is important when talking to FreeIPA DCs, they only provide
> DNS and CLDAP.
> The first patch makes sure we can parse the broken netlogon
> attribute generated by FreeIPA. Someone should try to fix the
> FreeIPA server server to use
> ndr_push_NETLOGON_SAM_LOGON_RESPONSE_EX_with_flags() instead of
> Please review and push...
> Thanks! metze
Günther Deschner GPG-ID: 8EE11688
Red Hat gdeschner at redhat.com
Samba Team gd at samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----
More information about the samba-technical