[PATCH] Fix bug #13126 - NTLM authentications using default domain/workgroup stopped working

Samuel Cabrero scabrero at suse.de
Tue Nov 21 11:36:12 UTC 2017


After commit 8e88b56e the winbind parent process does set anymore
auth_crap.domain to the winbind default domain when the domain was not
specified in the request, causing the request to fail with
NT_STATUS_CANT_ACCESS_DOMAIN_INFO.

This commit restores the behavior in the winbind child. If 'winbind use
default domain = yes' and no domain is specified in the request, will
use the default domain. It also allows the domain to be specified in
auth_crap.user as 'DOMAIN\user'.

To test this I have added a new environment where 'winbind use default
domain' is set to true.

Comments and reviews appreciated!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-s3-winbind-Use-default-domain-for-pam_auth_crap-when.patch
Type: text/x-patch
Size: 3285 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20171121/e9efedbc/0002-s3-winbind-Use-default-domain-for-pam_auth_crap-when.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-selftest-Add-tests-for-NTLM-authentication-using-win.patch
Type: text/x-patch
Size: 10508 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20171121/e9efedbc/0001-selftest-Add-tests-for-NTLM-authentication-using-win.bin>


More information about the samba-technical mailing list