Possibilities for using winbind libs with Samba < 4.2.1
Matthew Newton
mcn4 at leicester.ac.uk
Tue Dec 8 15:02:23 CET 2015
Hi,
On Tue, Dec 08, 2015 at 02:39:54PM +0100, Herwin Weststrate wrote:
> This question is mainly for Matthew, since he is the author of
> auth_wbclient.c. I just tried to use that on our Debian systems, but
> then I saw that Samba version 4.2.1 was required. It seems that this
> version introduced the used method wbcCtxAuthenticateUserEx. Older
> versions (4.1.something on the current Debian stable) do however have a
> wbcAuthenticateUserEx, that looks like it does about the same thing, but
> without the context-object that the first method uses.
Yes... I also wrote wbcCtxAuthenticateUserEx and friends for Samba.
See https://bugzilla.samba.org/show_bug.cgi?id=11149
> Is there a specific reason that you used the functionality from Samba
> 4.2.1, or do you think it could be possible to make it work with older
> versions of Samba as well?
Yes, by adding the patches in that bug report. Should apply easily
to all 4.x versions.
> I'm more than willing to actually write the code myself, but maybe you
> had already concluded that it won't be possible to make it work with
> older versions, than it would be a waste of time to try to make it work.
It won't work without those patches (i.e. you can't change FR to
call wbcAuthenticateUserEx) unless you
a) make mschap non-threaded (which rather defeats the point of this
code)
b) expect lots of auths to fail or FR to crash because the
threads stomp on each other.
Cheers,
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Devel
mailing list