diff options
| author | Gerald Carter <jerry@samba.org> | 2004-06-03 18:00:22 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:51:53 -0500 |
| commit | 9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad (patch) | |
| tree | 7b126d923a8a0ee8b02ab43bf54a43ce3344f051 /source3/auth | |
| parent | 4e1b26db3490c6063bf0ea05b8ae7e34a96ca8a9 (diff) | |
| download | samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.gz samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.bz2 samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.zip | |
r991: Allow winbindd to use the domain trust account password
for setting up an schannel connection. This solves the problem
of a Samba DC running winbind, trusting a native mode AD domain,
and needing to enumerate AD users via wbinfo -u.
(This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
Diffstat (limited to 'source3/auth')
| -rw-r--r-- | source3/auth/auth_util.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 9a03e7fe13..e6cc0fe5b3 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1425,8 +1425,10 @@ BOOL is_trusted_domain(const char* dom_name) /* if we are a DC, then check for a direct trust relationships */ - if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) { + if ( IS_DC ) { become_root(); + DEBUG (5,("is_trusted_domain: Checking for domain trust with [%s]\n", + dom_name )); ret = secrets_fetch_trusted_domain_password(dom_name, &pass, &trustdom_sid, &lct); unbecome_root(); SAFE_FREE(pass); |