[PATCH] Can't authenticate user from child-domain of trusted forest

Ralph Böhme slow at samba.org
Tue Nov 28 13:46:37 UTC 2017

On Tue, Nov 28, 2017 at 02:41:12PM +0100, Ralph Böhme wrote:
> On Tue, Nov 28, 2017 at 02:29:30PM +0100, Volker Lendecke wrote:
> > On Tue, Nov 28, 2017 at 12:58:22PM +0100, Ralph Böhme wrote:
> > > auth still fails because add_trusted_domain() will only be called in the domain
> > > child, but not in the parent where we call find_domain_from_name_noinit().
> > 
> > What about that one?
> hm, is this one supposed to go on-top of the previous one?

applied on-top and it works, even with the subdomain behind the outgoing one-way
trust (subdom31):

$ ./bin/smbclient -U "subdom31\administrator%Passw0rd" //localhost/share -c quit
$ ./bin/smbclient -U "subdom11\administrator%Passw0rd" //localhost/share -c quit
$ bin/wbinfo -i "subdom31\administrator"
$ bin/wbinfo -i "subdom11\administrator"


Ralph Boehme, Samba Team       https://samba.org/
Samba Developer, SerNet GmbH   https://sernet.de/en/samba/

More information about the samba-technical mailing list