and so it begins....

* remove idmap_XX_to_XX calls from smbd.  Move back to the
  the winbind_XXX and local_XXX calls used in 2.2

* all uid/gid allocation must involve winbindd now

* move flags field around in winbindd_request struct

* add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id()
  to prevent automatic allocation for unknown SIDs

* add 'winbind trusted domains only' parameter to force a domain member
  server to use matching users names from /etc/passwd for its domain
  (needed for domain member of a Samba domain)

* rename 'idmap only' to 'enable rid algorithm' for better clarity
  (defaults to "yes")

code has been tested on

  * domain member of native mode 2k domain
  * ads domain member of native mode 2k domain
  * domain member of NT4 domain
  * domain member of Samba domain
  * Samba PDC running winbindd with trusts

Logons tested using 2k clients and smbclient as domain users
and trusted users. Tested both 'winbind trusted domains only = [yes|no]'

This will be a long week of changes.  The next item on the list is
winbindd_passdb.c & machine trust accounts not in /etc/passwd (done
via winbindd_passdb)
(This used to be commit 8266dffab4aedba12a33289ff32880037ce950a8)

1 files changed, 1 insertions, 1 deletions

diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index 856b8f5a82..aa8f345a5b 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -85,7 +85,7 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
 	ZERO_STRUCT(request);
 	ZERO_STRUCT(response);
 
-	request.data.auth_crap.flags = WINBIND_PAM_INFO3_NDR;
+	request.flags = WBFLAG_PAM_INFO3_NDR;
 
 	push_utf8_fstring(request.data.auth_crap.user, 
 			  user_info->smb_name.str);