From 5cd4b7b7c03df6e896186d985b6858a06aa40b3f Mon Sep 17 00:00:00 2001 From: Steven Danneman Date: Thu, 12 Feb 2009 13:01:45 -0800 Subject: s3: Added new parameter "map untrusted to domain" When enabled this reverts smbd to the legacy domain remapping behavior when a user provides an untrusted domain This partially reverts d8c54fdd --- source3/auth/auth_util.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'source3/auth') diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index f942b2e50a..892e5c4ab7 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -226,14 +226,18 @@ NTSTATUS make_user_info_map(auth_usersupplied_info **user_info, if (!is_trusted_domain(domain) && !strequal(domain, get_global_sam_name()) ) { - domain = get_global_sam_name(); - DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] on " + if (lp_map_untrusted_to_domain()) + domain = my_sam_name(); + else + domain = get_global_sam_name(); + DEBUG(5, ("Mapped domain from [%s] to [%s] for user [%s] from " "workstation [%s]\n", client_domain, domain, smb_name, wksta_name)); } - /* we know that it is a trusted domain (and we are allowing them) or it - * is our domain */ + /* We know that the given domain is trusted (and we are allowing them), + * it is our global SAM name, or for legacy behavior it is our + * primary domain name */ result = make_user_info(user_info, smb_name, internal_username, client_domain, domain, wksta_name, -- cgit