Rafal Szczesniak wrote: > > On Fri, Sep 06, 2002 at 05:01:25PM +0200, Simo Sorce wrote: > > On Fri, 2002-09-06 at 16:37, Rafal Szczesniak wrote: > > > On Fri, Sep 06, 2002 at 04:42:53PM +0200, Simo Sorce wrote: > > > > > > > > What are you trying to do there? > > > > Why should we replace a domain name with another??? > > > > > > For instance, when lp_allow_trusted_domains() is set to false, > > > then user's domain name should is replaced with our domain name. > > > Authentication modules will then look for username in our domain's > > > SAM instead querying trusted domains. > > > > Can you explain me why we should not simply fail? > > In case of ?
OK, time for an explaination: We can receive all sorts of things in the 'domain' feild from a client. Mostly it's their current domain. If we are a standalone server, or don't trust the domain they supplied, then we replace it with our own for authenticaion. Similarly if we are not using truste domains at all - then every login gets changed to our local domain. However, some parts of the code (NTLMv2 in particular) need the original domain, so we keep that around. Does that make a bit more sense? Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
