summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-09-13 11:38:12 +1000
committerAndrew Tridgell <tridge@samba.org>2010-09-15 15:39:34 +1000
commitbd51d30809180b64c5c6fc98c2bd79040b93051c (patch)
tree6684b4a3923adb0f28bbb9f2849278d23bedd4cd
parent67ac8555b1e80aed07e420bca63e5c133c63fb5e (diff)
downloadsamba-bd51d30809180b64c5c6fc98c2bd79040b93051c.tar.gz
samba-bd51d30809180b64c5c6fc98c2bd79040b93051c.tar.bz2
samba-bd51d30809180b64c5c6fc98c2bd79040b93051c.zip
s4-auth: when we are a DC enable winbind auth
As a RODC we need to forward some auth requests to a writable DC Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r--source4/param/loadparm.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c
index bbc8323198..95d275535c 100644
--- a/source4/param/loadparm.c
+++ b/source4/param/loadparm.c
@@ -2352,7 +2352,9 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx)
lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper srvsvc wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi winreg dssetup unixinfo browser");
lpcfg_do_global_parameter(lp_ctx, "server services", "smb rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate");
lpcfg_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb");
- lpcfg_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain");
+ /* the winbind method for domain controllers is for both RODC
+ auth forwarding and for trusted domains */
+ lpcfg_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain winbind");
lpcfg_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind");
lpcfg_do_global_parameter(lp_ctx, "auth methods:standalone", "anonymous sam_ignoredomain");
lpcfg_do_global_parameter(lp_ctx, "private dir", dyn_PRIVATE_DIR);