[PATCH] Fix idmap_autorid for cross-forest trusts
asn at samba.org
Wed Dec 14 16:07:13 UTC 2016
On Wednesday, 14 December 2016 15:26:11 CET Volker Lendecke wrote:
> idmap_autorid right now refused to map valid users behind a cross-forest
> trust or a one-way trust because it depends on the trust to be listed
> in the winbind tdc cache. Cross-forest trusts don't necessarily end up
> there. This patchset stores all domain sids we've seen via SMB logins
> in netsamlogon_cache and idmap_autorid looks there.
> This could also be used as sample code to get rid of the tdc cache and
> the trustdom list dependency overall.
> It also contains the usual drive-by cleanups.
> Review appreciated!
I've just read to the patchset quickly. This is really great work.
I will review it tomorrow if it hasn't been pushed till then ...
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
More information about the samba-technical