sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-30 19:42:05 +03:00
Code Activity

auth: Provide a way to use the auth stack for winbindd authentication

Browse Source 
This adds in flags that allow winbindd to request authentication
without directly calling into the auth_sam module.

That in turn will allow winbindd to call auth_samba4 and so permit
winbindd operation in the AD DC.

Andrew Bartlett

Change-Id: I27d11075eb8e1a54f034ee2fdcb05360b4203567
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This commit is contained in:
Andrew Bartlett
2014-03-27 12:58:05 +13:00
parent 2e961bf598
commit 597d2a7a29
9 changed files with 89 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
source3/auth/auth.c
View File

@ -210,6 +210,11 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
TALLOC_CTX *tmp_ctx;
NTSTATUS result;
if (user_info->flags & USER_INFO_LOCAL_SAM_ONLY
&& !(auth_method->flags & AUTH_METHOD_LOCAL_SAM)) {
continue;
}
tmp_ctx = talloc_named(mem_ctx,
0,
"%s authentication for user %s\\%s",
@ -253,7 +258,10 @@ NTSTATUS auth_check_ntlm_password(TALLOC_CTX *mem_ctx,
if (NT_STATUS_IS_OK(nt_status)) {
unix_username = (*pserver_info)->unix_name;
if (!(*pserver_info)->guest) {
/* We skip doing this step if the caller asked us not to */
if (!(user_info->flags & USER_INFO_INFO3_AND_NO_AUTHZ)
&& !(*pserver_info)->guest) {
const char *rhost;
if (tsocket_address_is_inet(user_info->remote_host, "ip")) {