[PATCH v3] fixes account locked when using winbind refresh tickets
Stefan Metzmacher
metze at samba.org
Mon Jan 15 15:43:17 UTC 2018
Hi David,
some more high level questions (as I don't know how winbindd currently
behaves):
- do we try a renew of the existing ticket first?
- what does Windows do in such situations?
- can you explain how this is supposed to work in
complex setups with a lot of domains including one way trusts?
We're currently trying to get winbindd to a state where it doesn't
use LDAP and SAMR anymore, only NETLOGON and LSA LOOKUP *
via schannel secured connections to direct outgoing trusts,
by default.
metze
Am 15.01.2018 um 15:52 schrieb David Mulder via samba-technical:
> Touch ups recommended by Andreas (null initialize, helper variables, etc).
>
> source3/libads/ads_ldap_protos.h | 2 +
> source3/libads/ldap.c | 27 +++++++
> source3/winbindd/winbindd.h | 1 +
> source3/winbindd/winbindd_cred_cache.c | 126
> ++++++++++++++++++++++++++++-----
> source3/winbindd/winbindd_pam.c | 6 +-
> source3/winbindd/winbindd_proto.h | 3 +-
> 6 files changed, 144 insertions(+), 21 deletions(-)
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180115/2d6477c5/signature.sig>
More information about the samba-technical
mailing list