1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

Get us a little closer to Windows LSA semantics.

A windows DC does not reply to DCNAME\\Administrator, only to
DOMAIN\\Administrator. Fix that.

Without winbind we are wrong as domain members, we should forward the request
DOMAIN\\Username to the DC on behalf of the asking client. Winbind fixes that
nicely.

Volker
(This used to be commit 7ed61edbbe)
This commit is contained in:
Volker Lendecke 2004-03-07 08:22:06 +00:00
parent f52b1acb74
commit b3b93aaa3f
2 changed files with 2 additions and 10 deletions

View File

@ -154,6 +154,7 @@ o Volker Lendecke <vl@samba.org>
* Implement 'net groupmap set' and 'net groupmap cleanup'. * Implement 'net groupmap set' and 'net groupmap cleanup'.
* Add 'net rpc group [add|del]mem' for domain groups and aliases. * Add 'net rpc group [add|del]mem' for domain groups and aliases.
* Fix wb_delgrpmem (wbinfo -o) * Fix wb_delgrpmem (wbinfo -o)
* As a DC we should not reply to lsalookupnames on DCNAME\\user
o Herb Lewis <herb@samba.org> o Herb Lewis <herb@samba.org>

View File

@ -36,16 +36,7 @@ BOOL lookup_name(const char *domain, const char *name, DOM_SID *psid, enum SID_N
/* If we are looking up a domain user, make sure it is /* If we are looking up a domain user, make sure it is
for the local machine only */ for the local machine only */
if (strequal(global_myname(), domain)) { if (strequal(domain, get_global_sam_name())) {
local_lookup = True;
} else if (lp_server_role() == ROLE_DOMAIN_PDC ||
lp_server_role() == ROLE_DOMAIN_BDC) {
if (strequal(domain, lp_workgroup())) {
local_lookup = True;
}
}
if (local_lookup) {
if (local_lookup_name(name, psid, name_type)) { if (local_lookup_name(name, psid, name_type)) {
DEBUG(10, DEBUG(10,
("lookup_name: (local) [%s]\\[%s] -> SID %s (type %s: %u)\n", ("lookup_name: (local) [%s]\\[%s] -> SID %s (type %s: %u)\n",