I've just looked at the code, and it retest later with username only if it has not got access with the domain name set, so I see no problems at all. Can you provide more informations eventually?
On Fri, 2002-08-16 at 17:21, Jeff Mandel wrote: [snip] > This call supposedly validates the <domain>\<user> string. > On Solaris, with NIS a win98 box tries to connect to a samba PDC. > There's no domain name passed by the win98 client, but the setup for the > string is <domain><winbindseparator><user>. look a few lines later it does another sys_getpwnam() with user name only. > There's no domain - the string is now <><\><user> > 1) If there's no domain, why would a winbind separator do something useful? see above > 2) The wacky thing here is that \user actually returns successful with NIS. > jeff@host% getent passwd jeff > jeff:x:6789:6789::/export/home/jeff:/bin/ksh > jeff@host% getent passwd \jeff > jeff:x:6789:6789::/export/home/jeff:/bin/ksh this test is not right you should write \\jeff to check if NIS really ignores a leading \ because \ is an escape and the shell will interpret \j as pure j I've just setup a linux NIS server and couldn't reproduce this bug, BTW > 3) The valadation doesn't really validate in this case since the value > used is not what the sytem returned: \jeff != jeff, but the check in > reply.c is only for != NULL. When this gets looked up the the samba > password db, failure is certain. There's no \jeff in the samba password > database. what != NULL case do you refer to? > sesssetupX:name=[JEFF] > [2002/08/11 12:21:44, 3] smbd/reply.c:reply_sesssetup_and_X(929) > Using unix username \JEFF > [2002/08/11 12:21:44, 2] smbd/reply.c:reply_sesssetup_and_X(982) > Defaulting to Lanman password for \jeff > [2002/08/11 12:21:44, 1] smbd/password.c:pass_check_smb(545) > Couldn't find user '\jeff' in passdb. > [2002/08/11 12:21:44, 1] smbd/reply.c:reply_sesssetup_and_X(998) > Rejecting user '\jeff': authentication failed This log seem to avail your claim, can you provide informations about client OS, NIS server OS, samba version .... > 4) When the client is win2k which passes a domain in, this code is > called to lookup getpwnam(<domain><sep><user>). Without some special > module, when would a unix system ever return a positive response to this > kind of lookup? see above (if that lookup fails, username alone is tested) Simo. -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399 -- Simo Sorce - [EMAIL PROTECTED] Samba Team - http://www.samba.org
