This is in the spirit of the "map untrusted to domain" parameter: We
fall back to the local SAM when we get a non-authoritative NO_SUCH_USER
from our domain controller. With this change we can implement
"map untrusted to domain = auto".
We should not strictly need 'sam' before 'winbind', but it makes
it clearer to read and has the same effect.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=2976
BUG: https://bugzilla.samba.org/show_bug.cgi?id=8630
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Apr 10 05:04:03 CEST 2017 on sn-devel-144
switch (lp_server_role()) {
case ROLE_DOMAIN_MEMBER:
DEBUG(5,("Making default auth method list for server role = 'domain member'\n"));
- methods = "guest sam winbind:ntdomain";
+ methods = "guest sam winbind:ntdomain sam_ignoredomain";
break;
case ROLE_DOMAIN_BDC:
case ROLE_DOMAIN_PDC:
DEBUG(5,("Making default auth method list for DC\n"));
- methods = "guest sam winbind:trustdomain";
+ methods = "guest sam winbind:trustdomain sam_ignoredomain";
break;
case ROLE_STANDALONE:
DEBUG(5,("Making default auth method list for server role = 'standalone server', encrypt passwords = yes\n"));
if (lp_encrypt_passwords()) {
- methods = "guest sam";
+ methods = "guest sam_ignoredomain";
} else {
DEBUG(5,("Making default auth method list for server role = 'standalone server', encrypt passwords = no\n"));
methods = "guest unix";
git.samba.org / ambi / samba-autobuild / .git / commitdiff