mirror of
https://github.com/samba-team/samba.git
synced 2024-12-23 17:34:34 +03:00
Get us a little closer to Windows LSA semantics.
A windows DC does not reply to DCNAME\\Administrator, only to DOMAIN\\Administrator. Fix that. Without winbind we are wrong as domain members, we should forward the request DOMAIN\\Username to the DC on behalf of the asking client. Winbind fixes that nicely. Volker
This commit is contained in:
parent
97a6a67b34
commit
7ed61edbbe
@ -154,6 +154,7 @@ o Volker Lendecke <vl@samba.org>
|
||||
* Implement 'net groupmap set' and 'net groupmap cleanup'.
|
||||
* Add 'net rpc group [add|del]mem' for domain groups and aliases.
|
||||
* Fix wb_delgrpmem (wbinfo -o)
|
||||
* As a DC we should not reply to lsalookupnames on DCNAME\\user
|
||||
|
||||
|
||||
o Herb Lewis <herb@samba.org>
|
||||
|
@ -36,16 +36,7 @@ BOOL lookup_name(const char *domain, const char *name, DOM_SID *psid, enum SID_N
|
||||
/* If we are looking up a domain user, make sure it is
|
||||
for the local machine only */
|
||||
|
||||
if (strequal(global_myname(), domain)) {
|
||||
local_lookup = True;
|
||||
} else if (lp_server_role() == ROLE_DOMAIN_PDC ||
|
||||
lp_server_role() == ROLE_DOMAIN_BDC) {
|
||||
if (strequal(domain, lp_workgroup())) {
|
||||
local_lookup = True;
|
||||
}
|
||||
}
|
||||
|
||||
if (local_lookup) {
|
||||
if (strequal(domain, get_global_sam_name())) {
|
||||
if (local_lookup_name(name, psid, name_type)) {
|
||||
DEBUG(10,
|
||||
("lookup_name: (local) [%s]\\[%s] -> SID %s (type %s: %u)\n",
|
||||
|
Loading…
Reference in New Issue
Block a user