diff options
Diffstat (limited to 'meta-oe/recipes-connectivity/samba/samba-4.1.12/08-fix-idmap-ad-sfu-with-trusted-domains.patch')
-rw-r--r-- | meta-oe/recipes-connectivity/samba/samba-4.1.12/08-fix-idmap-ad-sfu-with-trusted-domains.patch | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/samba/samba-4.1.12/08-fix-idmap-ad-sfu-with-trusted-domains.patch b/meta-oe/recipes-connectivity/samba/samba-4.1.12/08-fix-idmap-ad-sfu-with-trusted-domains.patch new file mode 100644 index 000000000..394a64008 --- /dev/null +++ b/meta-oe/recipes-connectivity/samba/samba-4.1.12/08-fix-idmap-ad-sfu-with-trusted-domains.patch | |||
@@ -0,0 +1,44 @@ | |||
1 | From dc6b86b93c8f059b0cc96c364ffad05c88b7d92e Mon Sep 17 00:00:00 2001 | ||
2 | From: Christof Schmitt <cs@samba.org> | ||
3 | Date: Fri, 22 Aug 2014 09:15:59 -0700 | ||
4 | Subject: [PATCH] s3-winbindd: Use correct realm for trusted domains in idmap child | ||
5 | |||
6 | When authenticating users in a trusted domain, the idmap_ad module | ||
7 | always connects to a local DC instead of one in the trusted domain. | ||
8 | |||
9 | Fix this by passing the correct realm to connect to. | ||
10 | |||
11 | Also Comment parameters passed to ads_cached_connection_connect | ||
12 | |||
13 | Signed-off-by: Christof Schmitt <cs@samba.org> | ||
14 | Reviewed-by: Jeremy Allison <jra@samba.org> | ||
15 | (cherry picked from commit c203c722e7e22f9146f2ecf6f42452c0e82042e4) | ||
16 | --- | ||
17 | source3/winbindd/winbindd_ads.c | 11 +++++++++-- | ||
18 | 1 files changed, 9 insertions(+), 2 deletions(-) | ||
19 | |||
20 | diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c | ||
21 | index 4c26389..e47613e 100644 | ||
22 | --- a/source3/winbindd/winbindd_ads.c | ||
23 | +++ b/source3/winbindd/winbindd_ads.c | ||
24 | @@ -187,8 +187,15 @@ ADS_STATUS ads_idmap_cached_connection(ADS_STRUCT **adsp, const char *dom_name) | ||
25 | } | ||
26 | } | ||
27 | |||
28 | - status = ads_cached_connection_connect(adsp, realm, dom_name, ldap_server, | ||
29 | - password, realm, 0); | ||
30 | + status = ads_cached_connection_connect( | ||
31 | + adsp, /* Returns ads struct. */ | ||
32 | + wb_dom->alt_name, /* realm to connect to. */ | ||
33 | + dom_name, /* 'workgroup' name for ads_init */ | ||
34 | + ldap_server, /* DNS name to connect to. */ | ||
35 | + password, /* password for auth realm. */ | ||
36 | + realm, /* realm used for krb5 ticket. */ | ||
37 | + 0); /* renewable ticket time. */ | ||
38 | + | ||
39 | SAFE_FREE(realm); | ||
40 | |||
41 | return status; | ||
42 | -- | ||
43 | 1.7.1 | ||
44 | |||