diff options
| author | Volker Lendecke <vl@samba.org> | 2009-08-26 14:56:41 +0200 |
|---|---|---|
| committer | Volker Lendecke <vl@samba.org> | 2009-08-26 15:28:06 +0200 |
| commit | b824b1b7bf19b4b8c64b7c2c5a6a1d3287820088 (patch) | |
| tree | d82e327e9134f2bbac5e3f4881be3906f9fe74be /source3/include | |
| parent | da99e3a724b493ba47a06d0704b891819ad16647 (diff) | |
| download | samba-b824b1b7bf19b4b8c64b7c2c5a6a1d3287820088.tar.gz samba-b824b1b7bf19b4b8c64b7c2c5a6a1d3287820088.tar.bz2 samba-b824b1b7bf19b4b8c64b7c2c5a6a1d3287820088.zip | |
Add a parameter to disable the automatic creation of krb5.conf files
This is necessary because MIT 1.5 can't deal with certain types (Tree Root) of
transitive AD trusts. The workaround is to add a [capaths] directive to
/etc/krb5.conf, which we don't automatically put into the krb5.conf winbind
creates.
The alternative would have been something like a "krb5 conf include", but I
think if someone has to mess with /etc/krb5.conf at this level, it should be
easy to add the site-local KDCs as well.
Next alternative is to correctly figure out the [capaths] parameter for all
trusted domains, but for that I don't have the time right now. Sorry :-)
Diffstat (limited to 'source3/include')
| -rw-r--r-- | source3/include/proto.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 44f6685dac..50ac834307 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3998,6 +3998,7 @@ bool lp_winbind_refresh_tickets(void); bool lp_winbind_offline_logon(void); bool lp_winbind_normalize_names(void); bool lp_winbind_rpc_only(void); +bool lp_create_krb5_conf(void); const char **lp_idmap_domains(void); const char *lp_idmap_backend(void); char *lp_idmap_alloc_backend(void); |