On 02.04.2013 г. 18:06 ч., Jonathan Buzzard wrote:
On Tue, 2013-04-02 at 16:28 +0300, Deyan Stoykov wrote:
Hello everyone,
Samba 3.6.9 on CentOS 6.4. With "security = ads", winbind doesn't
authenticate requests that prepend a not-existent domain to the
username. Users that have logged into the domain authenticate
transparently to squid with NTLM (format is domain\username), but not
users that are logged in locally or into another domain with the same
username and password (format is something_else\username). This wasn't
the case with "security = domain" and a Samba 3 DC:
with security = ads:
See "map untrusted to domain" it defaults to no. The behaviour changed
in 3.4
I tried with and without "map untrusted to domain" - it doesn't make a
difference. Playing with "auth methods" solves the problem for smbd, but
not for winbind.
--
Deyan Stoykov, [email protected]
System administrator
Computing and Information Services Center
University of Ruse
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
