Author: jmcd
Date: 2005-08-12 15:28:21 +0000 (Fri, 12 Aug 2005)
New Revision: 9262

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=9262

Log:
Fix #2976: windows member servers wouldn't alloc connections from users
defined locally because if we didn't find them as a DC we were marking
the response as authoritative.  Now if it's not a domain we know, we
mark the response non-authoritative.

Fix from [EMAIL PROTECTED]

Modified:
   trunk/source/rpc_server/srv_netlog_nt.c


Changeset:
Modified: trunk/source/rpc_server/srv_netlog_nt.c
===================================================================
--- trunk/source/rpc_server/srv_netlog_nt.c     2005-08-12 15:28:19 UTC (rev 
9261)
+++ trunk/source/rpc_server/srv_netlog_nt.c     2005-08-12 15:28:21 UTC (rev 
9262)
@@ -716,6 +716,15 @@
        /* Check account and password */
     
        if (!NT_STATUS_IS_OK(status)) {
+               /* If we don't know what this domain is, we need to 
+                  indicate that we are not authoritative.  This 
+                  allows the client to decide if it needs to try 
+                  a local user.  Fix by [EMAIL PROTECTED], #2976 */
+                if ( NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER) 
+                    && !strequal(nt_domain, get_global_sam_name())
+                    && !is_trusted_domain(nt_domain) )
+                       r_u->auth_resp = 0; /* We are not authoritative */
+
                free_server_info(&server_info);
                return status;
        }

Reply via email to