git.samba.org - abartlet/samba.git/.git/commit

git.samba.org / abartlet / samba.git / .git / commit

author	Andrew Bartlett <abartlet@samba.org>
	Mon, 15 Nov 2010 22:30:55 +0000 (09:30 +1100)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 15 Nov 2010 23:17:05 +0000 (23:17 +0000)
commit	a32ade647db710ed84565891fca3e65dd609f69d
tree	2e4a7bb6ec562d7a9b6ec547256c1cc6e11da63e	tree
parent	4041640bd6d7f8747c8229b02dbb847056bdaa35	commit \| diff

s4-kdc Don't always regenerate the PAC

The PAC was being regenerated on all normal DCs, because they don't
have a msDS-SecondaryKrbTgtNumber attribute. Instead we need to check
if it's set and not equal to our RODC number, allowing RODCs to trust
the full DCs and itself, but not other RODCs.

Andrew Bartlett

source4/kdc/pac-glue.c

diff | blob | history

Unnamed repository; edit this file to name it for gitweb.

RSS Atom