http://bugs.winehq.org/show_bug.cgi?id=19781
Kai Blin kai.blin@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |kai.blin@gmail.com
--- Comment #14 from Kai Blin kai.blin@gmail.com 2009-10-14 06:36:00 --- (In reply to comment #11)
The test Hans added is supposed to replicate the problem. Does the test pass for you?
Right, I missed that. Sorry. Nope, as expected it doesn't pass for me either. This is Rob's cached credentials code, I never got the Wine-side credential cache to work myself. :) I know of one user who uses the winbind cached credentials, but the wine cred cache seems to be pretty un-tested (and broken, no big surprise).
(In reply to comment #12)
And yes, the app tries to get an authentication with the local service via rpc.
I think we could cheat our way through this here. I haven't looked into this stuff for a while, but all we need to come up with for the local case is a username/password combination ntlm_auth will accept for the "server" side. You can easily bypass the usual check ntlm_auth does for the server side by running ntlm_auth with --username=user --password=pass --domain=dom
So assuming ntlm_GetCachedCredential() returned user WINE\bob and password secret if there's no real cached credentials... we'll handsomely break winbind-based cached credentials if we need to authenticate against a remote server.
I'll have to give this some more thought. Sorry I can't provide you with a ready solution here.
A long-term fix would be to get Samba winbindd to also be able to authenticate local users (like the local SAM on a windows machine) and store that user's creds in the winbind cache at login time, just like it does for domain logins. Then Wine could always use the winbind credentials cache. Unfortunately, winbindd can't do that quite yet, probably a couple of man-weeks worth of work on Wine and Samba if you know where to look.