From 5197331fe5af0a53e02e642c9e006b19ae92ba19 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 7 Jun 2011 09:07:52 +1000 Subject: s4-auth Move default auth methods back into auth.c This changes auth_methods_from_lp to no longer use the parametric options, and to cope with ROLE_DOMAIN_BDC and ROLE_DOMAIN_PDC. This will assist in calling the source4 auth subsystem with a source3 derived lp_ctx. Andrew Bartlett --- source4/auth/ntlm/auth.c | 10 ++++++---- source4/param/loadparm.c | 3 --- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c index 72338ac3c9..2308b1594d 100644 --- a/source4/auth/ntlm/auth.c +++ b/source4/auth/ntlm/auth.c @@ -488,15 +488,17 @@ _PUBLIC_ NTSTATUS auth_context_create_methods(TALLOC_CTX *mem_ctx, const char ** const char **auth_methods_from_lp(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx) { const char **auth_methods = NULL; + switch (lpcfg_server_role(lp_ctx)) { case ROLE_STANDALONE: - auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "standalone", NULL); + auth_methods = str_list_make(mem_ctx, "anonymous sam_ignoredomain", NULL); break; case ROLE_DOMAIN_MEMBER: - auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "member server", NULL); + auth_methods = str_list_make(mem_ctx, "anonymous sam winbind", NULL); break; - case ROLE_DOMAIN_CONTROLLER: - auth_methods = lpcfg_parm_string_list(mem_ctx, lp_ctx, NULL, "auth methods", "domain controller", NULL); + case ROLE_DOMAIN_BDC: + case ROLE_DOMAIN_PDC: + auth_methods = str_list_make(mem_ctx, "anonymous sam_ignoredomain winbind", NULL); break; } return auth_methods; diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index fba09fa2c4..ae29f69fea 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -2464,9 +2464,6 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) lpcfg_do_global_parameter(lp_ctx, "ntptr providor", "simple_ldb"); /* the winbind method for domain controllers is for both RODC auth forwarding and for trusted domains */ - lpcfg_do_global_parameter(lp_ctx, "auth methods:domain controller", "anonymous sam_ignoredomain winbind"); - lpcfg_do_global_parameter(lp_ctx, "auth methods:member server", "anonymous sam winbind"); - lpcfg_do_global_parameter(lp_ctx, "auth methods:standalone", "anonymous sam_ignoredomain"); lpcfg_do_global_parameter(lp_ctx, "private dir", dyn_PRIVATE_DIR); lpcfg_do_global_parameter(lp_ctx, "spoolss database", "spoolss.ldb"); lpcfg_do_global_parameter(lp_ctx, "wins config database", "wins_config.ldb"); -- cgit