diff options
author | Jim McDonough <jmcd@samba.org> | 2005-08-12 15:28:19 +0000 |
---|---|---|
committer | Jim McDonough <jmcd@samba.org> | 2005-08-12 15:28:19 +0000 |
commit | 0e3c362a64c4f2bd94d6d607b9b2cd0d7aa60cf2 (patch) | |
tree | e5d60309da9df5fdf269e3b81065d73accfc7f6b | |
parent | a6bcf77bf99e5d37c55ed85582bf280b8d4943a4 (diff) | |
download | samba-0e3c362a64c4f2bd94d6d607b9b2cd0d7aa60cf2.tar.gz samba-0e3c362a64c4f2bd94d6d607b9b2cd0d7aa60cf2.tar.xz samba-0e3c362a64c4f2bd94d6d607b9b2cd0d7aa60cf2.zip |
r9261: Fix #2976: windows member servers wouldn't alloc connections from users
defined locally because if we didn't find them as a DC we were marking
the response as authoritative. Now if it's not a domain we know, we
mark the response non-authoritative.
Fix from jpjanosi@us.ibm.com
-rw-r--r-- | source/rpc_server/srv_netlog_nt.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/source/rpc_server/srv_netlog_nt.c b/source/rpc_server/srv_netlog_nt.c index 388d649c3c1..78ff669d075 100644 --- a/source/rpc_server/srv_netlog_nt.c +++ b/source/rpc_server/srv_netlog_nt.c @@ -716,6 +716,15 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * /* Check account and password */ if (!NT_STATUS_IS_OK(status)) { + /* If we don't know what this domain is, we need to + indicate that we are not authoritative. This + allows the client to decide if it needs to try + a local user. Fix by jpjanosi@us.ibm.com, #2976 */ + if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) + && !strequal(nt_domain, get_global_sam_name()) + && !is_trusted_domain(nt_domain) ) + r_u->auth_resp = 0; /* We are not authoritative */ + free_server_info(&server_info); return status; } |