Tuesday, January 4, 2011

Samba - How to ignore trusted domains completely

For reasons similar to those mentioned here by Dmitry Butskoy, I needed to make winbind exclude trusted domains. But like he said, "allow trusted domains = no" doesn't seem to affect winbind in this context.

So I built winbindd from source, commenting out the call to rescan_trusted_domains() as Dmitry mentioned here, and it works exactly how I want now!

Looking at the latest version of Samba, 3.5.6, it appears to still not apply that setting in this context. I think rescan_trusted_domains() ought to check lp_allow_trusted_domains() and return if it is false.

If anyone on the Samba team is reading this, I hope you will consider making that change. Hmm, maybe I should submit a patch...

No comments:

Post a Comment