summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-08 08:19:18 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-08 08:19:18 +0000
commit7d068355aae99060acac03c6633509545aa782a4 (patch)
treefe5606d8c17978e6ff793d9dfe80668c4697acfc /docs
parentc69e4746d08fb90d77cbe58b29801e25999b5774 (diff)
downloadsamba-7d068355aae99060acac03c6633509545aa782a4.tar.gz
samba-7d068355aae99060acac03c6633509545aa782a4.tar.bz2
samba-7d068355aae99060acac03c6633509545aa782a4.zip
This merges in my 'always use ADS' patch. Tested on a mix of NT and ADS
domains, this patch ensures that we always use the ADS backend when security=ADS, and the remote server is capable. The routines used for this behaviour have been upgraded to modern Samba codeing standards. This is a change in behaviour for mixed mode domains, and if the trusted domain cannot be reached with our current krb5.conf file, we will show that domain as disconnected. This is in line with existing behaviour for native mode domains, and for our primary domain. As a consequence of testing this patch, I found that our kerberos error handling was well below par - we would often throw away useful error values. These changes move more routines to ADS_STATUS to return kerberos errors. Also found when valgrinding the setup, fix a few memory leaks. While sniffing the resultant connections, I noticed we would query our list of trusted domains twice - so I have reworked some of the code to avoid that. Andrew Bartlett (This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
Diffstat (limited to 'docs')
0 files changed, 0 insertions, 0 deletions