More forest trust related patches
Stefan (metze) Metzmacher
metze at samba.org
Wed Jul 8 07:35:33 CEST 2015
Am 08.07.2015 um 03:16 schrieb Andrew Bartlett:
> On Thu, 2015-07-02 at 14:58 +0200, Stefan (metze) Metzmacher wrote:
>> Am 01.07.2015 um 23:18 schrieb Stefan (metze) Metzmacher:
>>> Am 01.07.2015 um 18:06 schrieb Stefan (metze) Metzmacher:
>>>> Hi Andrew,
>>>>
>>>>>>> can you have a look at my current master4-forest-ok branch?
>>>>>>>
>>>>>>> https://git.samba.org/?p=metze/samba/wip.git;a=shortlog;h=r
>>>>>>> efs/heads/master4-forest-ok
>>>>
>>>> I've uploaded updated patches.
>>>
>>> The commit message of
>>> https://git.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=f56effe
>>> 2aae08c89858dc5f1cf1f44b1e20ada5d
>>>
>>> Needs to be fixed dsdb_trust_routing_tln() is now
>>> dsdb_trust_routing_by_name()...
>>
>> Fixed in the current master4-forest-ok branch.
>
> I've reviewed these and they are in autobuild now!
Thanks!
> One last thing to look at is fixing our SamLogon server in
> dcesrv_netr_LogonSamLogon_base not to set unilaterally:
>
> *r->out.authoritative = 1;
>
> It needs to only be set if we were the trusted domain. Sadly this
> issue will make fixing the trusted domain vs unknown name handling in
> our file server harder :-(
There's even much more required on the netlogon/lsa/drsuapi front.
And all the sid-filtering rules are missing as well as having
identities from other domains as member of (universal?) groups.
But I think it's good to have the basics available in 4.3,
I'll write a WHATSNEW section explaining what should work and what not.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150708/22abcb09/signature.pgp>
More information about the samba-technical
mailing list