Bug 13196 - In offline mode, 'wbinfo -K' behave differently if 'winbind use default domain = yes'
In offline mode, 'wbinfo -K' behave differently if 'winbind use default domai...
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind
4.5.12
All All
: P5 minor
: ---
Assigned To: Samba QA Contact
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-12-20 10:34 UTC by Marco Gaiarin
Modified: 2017-12-20 15:39 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marco Gaiarin 2017-12-20 10:34:36 UTC
In my domain i use 'winbind use default domain = yes'.

I've also enabled ''offline logons'' following the samba wiki, and i've noted that (in 'smbcontrol winbind offline' mode):

 root@vdmsv1:~# wbinfo -K LNFFVG\\gaio
 Enter LNFFVG\gaio's password:
 plaintext kerberos password authentication for [LNFFVG\gaio] succeeded (requesting cctype: FILE)
 user_flgs: NETLOGON_CACHED_ACCOUNT
 credentials were put in: FILE:/tmp/krb5cc_0

 root@vdmsv1:~# wbinfo -K gaio
 Enter gaio's password:
 plaintext kerberos password authentication for [gaio] succeeded (requesting cctype: FILE)
 credentials were put in: FILE:/tmp/krb5cc_0

eg, only using the domainful user ('LNFFVG\gaio') wbinfo reply adding 'user_flgs: NETLOGON_CACHED_ACCOUNT', using the short form no.

I've done some auth test, and cached credentials works as expected, simply wbinfo reply in different way.

Thanks.