git.samba.org / janger / samba-autobuild-v4-20-test / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 32c2162) | patch
s3:winbind: Fix idmap_ad creating an invalid local krb5.conf v4-20-test
authorAndreas Schneider <asn@samba.org>
Tue, 28 May 2024 11:54:24 +0000 (13:54 +0200)
committerJule Anger <janger@samba.org>
Wed, 5 Jun 2024 13:54:06 +0000 (15:54 +0200)
commitd83b782031537915f94a534d94d552299c2ec863
tree8c9457fc6871a450cf77d2527b4c500217971a4btree
parent32c2162136a0d7752756aa1b398b6ac54b6fb460commit | diff
s3:winbind: Fix idmap_ad creating an invalid local krb5.conf

In case of a trusted domain, we are providing the realm of the primary
trust but specify the KDC IP of the trusted domain. This leads to
Kerberos ticket requests to the trusted domain KDC which doesn't know
about the machine account. However we need a ticket from our primary
trust KDC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15653

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(backported from commit 8989aa47b7493e6b7978c2efc4a40c781e9a2aee)
source3/winbindd/idmap_ad.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.