[Samba] Untrusted domains with security=ads
Jonathan Buzzard
jonathan at buzzard.me.uk
Tue Apr 2 09:06:29 MDT 2013
On Tue, 2013-04-02 at 16:28 +0300, Deyan Stoykov wrote:
> Hello everyone,
>
> Samba 3.6.9 on CentOS 6.4. With "security = ads", winbind doesn't
> authenticate requests that prepend a not-existent domain to the
> username. Users that have logged into the domain authenticate
> transparently to squid with NTLM (format is domain\username), but not
> users that are logged in locally or into another domain with the same
> username and password (format is something_else\username). This wasn't
> the case with "security = domain" and a Samba 3 DC:
>
> with security = ads:
See "map untrusted to domain" it defaults to no. The behaviour changed
in 3.4
JAB.
--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
More information about the samba
mailing list