diff options
author | Stefan Metzmacher <metze@samba.org> | 2017-03-22 11:16:47 +0100 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2017-08-07 15:20:03 +0200 |
commit | a6ad56cfa9dfc7488dd328aa752ddd96154f0362 (patch) | |
tree | 4832431b5520f0237419b6fbfb732fa29b1a3726 | |
parent | 690c5e6f36e343f709715214e2368bcb7e67e0fb (diff) | |
download | samba-a6ad56cfa9dfc7488dd328aa752ddd96154f0362.tar.gz |
s4:auth: use "sam winbind" for the netlogon server
This adds authentication support for trusted domains to the
netlogon server.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
-rw-r--r-- | source4/auth/ntlm/auth.c | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/source4/auth/ntlm/auth.c b/source4/auth/ntlm/auth.c index 9aa94bf541e..3424e503b3e 100644 --- a/source4/auth/ntlm/auth.c +++ b/source4/auth/ntlm/auth.c @@ -840,14 +840,11 @@ _PUBLIC_ NTSTATUS auth_context_create_for_netlogon(TALLOC_CTX *mem_ctx, DBG_NOTICE("using deprecated 'auth methods' values.\n"); } else { /* - * We can remove "winbind_rodc sam_failtrusts", - * when we made the netlogon retries to - * to contact winbind via irpc. + * Here we only allow 'sam winbind' instead of + * the 'anonymous sam winbind sam_ignoredomain' + * we typically use for authentication from clients. */ - _auth_methods = str_list_make(mem_ctx, - "sam " - "winbind_rodc sam_failtrusts", - NULL); + _auth_methods = str_list_make(mem_ctx, "sam winbind", NULL); if (_auth_methods == NULL) { return NT_STATUS_NO_MEMORY; } |