[PATCH] Can't authenticate user from child-domain of trusted forest

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon Nov 27 20:21:47 UTC 2017

On Mon, Nov 27, 2017 at 08:50:15PM +0100, Ralph Böhme via samba-technical wrote:
> Hi!
> Attached is a fix for a regression introduced by
> d7e31d9f4d9ce7395e458ac341dd83ac06255a20.
> This results in the inability of winbind to enumerate trusts of trusted forests,
> so we can't authenticate users from any child-domain (or additional tree-roots)
> of the trusted forest.

Can you explain to me why we need the trusted domain cache filled
correctly to just log in? Where in the code path does that fail?

With best regards,

Volker Lendecke

SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
http://www.sernet.de, mailto:kontakt at sernet.de

More information about the samba-technical mailing list