The Samba-Bugzilla – Bug 2976
Win2k member workstation authentication order different when in Samba domain
Last modified: 2005-08-24 10:25:26 UTC
We have the following:
A: Standalone Windows workstation with userid X and password Y.
B: Win2k workstation member of domain but with local userid X and password Y.
User X logs into workstation A and runs an app that maps a drive to workstation
B. The application does not specify a userid or password in the mapping. We
have no control over the application to change this.
When workstation B is a member of an NT domain this works OK. When workstation
B is a member of a Samba domain the mapping fails.
Created attachment 1365 [details]
sets authoritative field to 0 when domain name doesn't match
It turns out that NT sets the authoritative field in the NetrLogonSamLogon
reponse to 0 when the domain name does not match. Here is the patch that is
working for me.
If the domain is a trusted domain instead of an unknown domain would the NT
server set authoritative to 1.
I tested and NT does set authoritative to 1 when the domain is a trusted domain.
Jim also brought up that we might need to do a case-insensitive match. I'll
get a new patch tested and attached.
Fix from John checked in, r9261. Thanks!
The fix is not the above patch. It also checks if it's not a domain we know and
if the user doesn't exist.
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.