git.samba.org - ira/wip.git/commit

author	Andrew Bartlett <abartlet@samba.org>
	Mon, 26 Nov 2001 06:47:04 +0000 (06:47 +0000)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 26 Nov 2001 06:47:04 +0000 (06:47 +0000)
commit	4499007e45637f172c4afb0ec2e048cf795a3cbe
tree	3baebd215a4f88e90800c8811f54f916ceb2c526	tree
parent	a131c2cfdcd4e10d85e21bcf4b3e45b99054a96c	commit \| diff

A number of things to clean up the auth subsytem a bit...

We now default encrypt passwords = yes

We now check plaintext passwords (however aquired) with the 'sam' backend
rather than unix, if encrypt passwords = yes.

(this kills off the 'local' backed. The sam backend may be renamed in its
place)

The new 'samstrict' wrapper backend checks that the user's domain is one of
our netbios aliases - this ensures that we don't get fallback crazies with
security = domain.

Similarly, the code in the 'ntdomain' and 'smbserver' backends now checks
that the user was not local before contacting the DC.

The default ordering has changed, we now check the local stuff first - but
becouse of the changes above, we will really only ever contact one
auth source.

Andrew Bartlett
(This used to be commit e89b47f65e7eaf5eb288a3d6ba2d3d115c628e7e)

source3/auth/auth.c		diff \| blob \| history
source3/auth/auth_builtin.c		diff \| blob \| history
source3/auth/auth_domain.c		diff \| blob \| history
source3/auth/auth_info.c		diff \| blob \| history
source3/auth/auth_sam.c		diff \| blob \| history
source3/auth/auth_server.c		diff \| blob \| history
source3/param/loadparm.c		diff \| blob \| history