On Thu, 18 Mar 2004, Graeme Bisset wrote:
> Should the samba helper (run with the
> --helper-protocol=squid-2.5-ntlmssp argument) not correspond to the
> following protocol?
>
> http://devel.squid-cache.org/ntlm/squid_helper_protocol.html
>
> If so, then it is not as it doesn't always return the username in the
> domain\user form.
The format of the usernames is free to the helper to decide.
> I could force it in ntlm_auth.c for my own use but is it actually a
> samba bug that should be fixed?
If no domain is returned on accounts in trusted domains then yes.
It can be argued if not returning the domain on accounts in the member
domain is a bug or a feature.
> I know this is venturing into samba code but it is squid related. Would
> I be correct in replacing the line
>
> x_fprintf(x_stdout, "AF %s\n", (char *)ntlmssp_state->auth_context);
>
> with something along the lines of
>
> x_fprintf(x_stdout, "AF %s%c%s\n", (char *)ntlmssp_state->domain,
> winbind_separator(), (char *)ntlmssp_state->user);
Probably. Have not looked at the Samba code lately.
I think many would like to have this configurable however, at least when
the domain is equal to the server memeber domain..
Regards
Henrik
Received on Thu Mar 18 2004 - 16:59:52 MST
This archive was generated by hypermail pre-2.1.9 : Thu Apr 01 2004 - 12:00:02 MST