diff options
author | Michael Adam <obnox@samba.org> | 2008-05-26 12:22:53 +0200 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2008-05-26 16:42:24 +0200 |
commit | 48026d814b665e2a766cbe8b82d9c6b22590a16d (patch) | |
tree | 691c15b2d5bcce06d4ffbd5b556507457eefa796 /source3 | |
parent | a186e598c43cb3a9a3ff7f4626407074cc938e96 (diff) | |
download | samba-48026d814b665e2a766cbe8b82d9c6b22590a16d.tar.gz samba-48026d814b665e2a766cbe8b82d9c6b22590a16d.tar.bz2 samba-48026d814b665e2a766cbe8b82d9c6b22590a16d.zip |
passdb: add comment explaining logic in get_trust_pw_clear().
Michael
(This used to be commit 5f197c659e9c8a573ba5032c7f90c816df45770c)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/passdb/passdb.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 874355da67..d69da8f32e 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1568,8 +1568,22 @@ bool get_trust_pw_clear(const char *domain, char **ret_pwd, return true; } - /* Here we are a domain member server. We can only be a member - of one domain so ignore the request domain and assume our own */ + /* + * Since we can only be member of one single domain, we are now + * in a member situation: + * + * - Either we are a DC (selfjoined) and the domain is our + * own domain. + * - Or we are on a member and the domain is our own or some + * other (potentially trusted) domain. + * + * In both cases, we can only get the machine account password + * for our own domain to connect to our own dc. (For a member, + * request to trusted domains are performed through our dc.) + * + * So we simply use our own domain name to retrieve the + * machine account passowrd and ignore the request domain here. + */ pwd = secrets_fetch_machine_password(lp_workgroup(), &last_set_time, channel); |