diff options
| author | Steven Danneman <steven.danneman@isilon.com> | 2009-02-12 13:01:45 -0800 |
|---|---|---|
| committer | Steven Danneman <steven.danneman@isilon.com> | 2009-02-12 13:55:44 -0800 |
| commit | 5cd4b7b7c03df6e896186d985b6858a06aa40b3f (patch) | |
| tree | 8aba35ab96a7efba2b35a7052f6a6e4e0050fe90 /source3/auth | |
| parent | feec49d5cd07a69991d1bc6dc6325ecda21a19a8 (diff) | |
| download | samba-5cd4b7b7c03df6e896186d985b6858a06aa40b3f.tar.gz samba-5cd4b7b7c03df6e896186d985b6858a06aa40b3f.tar.bz2 samba-5cd4b7b7c03df6e896186d985b6858a06aa40b3f.zip | |
s3: Added new parameter "map untrusted to domain"
When enabled this reverts smbd to the legacy domain remapping behavior when
a user provides an untrusted domain
This partially reverts d8c54fdd
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_util.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index f942b2e50a..892e5c4ab7 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -226,14 +226,18 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, if (!is_trusted_domain(domain) && !strequal(domain, get_global_sam_name()) ) { - domain = get_global_sam_name(); - DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] on " + if (lp_map_untrusted_to_domain()) + domain = my_sam_name(); + else + domain = get_global_sam_name(); + DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] from " "workstation [%s]\n", client_domain, domain, smb_name, wksta_name)); } - /* we know that it is a trusted domain (and we are allowing them) or it - * is our domain */ + /* We know that the given domain is trusted (and we are allowing them), + * it is our global SAM name, or for legacy behavior it is our + * primary domain name */ result = make_user_info(user_info, smb_name, internal_username, client_domain, domain, wksta_name, |