Re: [PR PATCH] [Closed]: If samlogon for trusted child domain user fails attempt to reroute reâ¦
github at samba.org
github at samba.org
Thu Dec 13 08:10:53 UTC 2018
There's a closed pull request on the Samba Samba Github repository
If samlogon for trusted child domain user fails attempt to reroute reâ¦
https://github.com/samba-team/samba/pull/47
Description: â¦quest
When kerboros authentication fails we may attempt to fallback to
samlogon. However schannel netlogon connections from a domain child
winbindd to the domain controller when that domain is not 'our'
domain are dissallowed and thus the credentials are not available.
The samlogon request when this happens cannot be serviced. This patch
detects if the samlogon fallback will occur for a non primary domain
winbindd child, in this case it will return a status of
NT_STATUS_MORE_PROCESSING_REQUIRED to the parent.
The parent then will then retry the authentication by chosing and sending
the request to a domain child that should be able to handle it.
Signed-off-by: Noel Power noel.power at suse.com
More information about the samba-technical
mailing list