summaryrefslogtreecommitdiff
path: root/README.install
diff options
context:
space:
mode:
authorTobias Klauser <tklauser@distanz.ch>2009-01-03 15:32:12 +0100
committerTobias Klauser <tklauser@distanz.ch>2009-01-03 15:32:12 +0100
commitb04d7c16962c5d3e5f91d5c89853ba97e57ca268 (patch)
treeb082ced3dba84d6f925295ba274f92ab150e2b11 /README.install
parent70a977ca33b5fd445b961f5e7f00578cbc32ad7d (diff)
Change distribution to unstable0.42-1
Diffstat (limited to 'README.install')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-02 17:18:24 +0000
N failure. I compared the packet trace from the smbclient when no domain is passed and, in that case, a default domain from the client smb.conf is taken. Apparently, connection succeeds anyway, because when the domain passed is not valid (in my case WORKGROUP), then the local one is tried and authentication succeeds. I tried with any kind of invalid domain and the result was always a connection. So, trying to interpret what to do and picking a valid domain if none is passed, seems the wrong thing to do. To this end, a new option "domainauto" has been added in case the user wants a mechanism for guessing. Without this patch, backward compatibility also is broken. With kernel 3.10, the default auth mechanism was NTLM. One of our testing servers accepted NTLM and, because no domains are passed, authentication was local. Moving to RawNTLMSSP forced us to change our command line to add a fake domain to pass to prevent this mechanism to kick in. For the same reasons, UPN is broken because the domain is specified in the username. The SMB server will work out the domain from the UPN and authenticate against the right server. Without the patch, though, given the domain is empty, it gets replaced with another domain that could be the wrong one for the authentication. Signed-off-by: Germano Percossi <germano.percossi@citrix.com> Acked-by: Pavel Shilovsky <pshilov@microsoft.com> Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat