On Sun, 2003-06-29 at 05:39, [EMAIL PROTECTED] wrote: > Date: Sun Jun 29 03:39:50 2003 > Author: jerry > > Update of /data/cvs/samba/source/auth > In directory dp.samba.org:/tmp/cvs-serv16648/auth > > Modified Files: > Tag: SAMBA_3_0 > auth.c auth_domain.c auth_util.c > Log Message: > Here's the code to make winbindd work on a Samba DC > to handle domain trusts. Jeremy and I talked about this > and it's going in as working code. It keeps winbind clean > and solves the trust problem with minimal changes. > > To summarize, there are 2 basic cases where the deadlock would > occur. (1) lookuping up secondary groups for a user, and > (2) get[gr|pw]nam() calls that fall through the NSS layer because > they don't exist anywhere. > > o To handle case #1, we bypass winbindd in sys_getgrouplist() unless > the username includes the 'winbind separator'. > > o Case #2 is handled by adding checks in winbindd to return failure > if we are a DC and the domain matches our own.
Jerry, does this mean it will be more difficult to code & use winbind_passdb on PDCs in future? Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. - http://www.xsec.it via Durando 10 Ed. G - 20158 - Milano mobile: +39 329 328 7702 tel. +39 02 2399 7130 - fax: +39 02 700 442 399
signature.asc
Description: This is a digitally signed message part
