diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-09-13 12:15:52 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-09-15 15:39:34 +1000 |
commit | 94fb6120d80d05de0f24ea71a93c761517fd4231 (patch) | |
tree | d135a1b5cb2e01930c8307c61c63e76ef47734fa | |
parent | bd51d30809180b64c5c6fc98c2bd79040b93051c (diff) | |
download | samba-94fb6120d80d05de0f24ea71a93c761517fd4231.tar.gz samba-94fb6120d80d05de0f24ea71a93c761517fd4231.tar.bz2 samba-94fb6120d80d05de0f24ea71a93c761517fd4231.zip |
s4-secrets: fetch secure channel type with domain SID
The secure channel type is needed to work out what DC to connect to
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
-rw-r--r-- | source4/param/secrets.c | 16 | ||||
-rw-r--r-- | source4/param/secrets.h | 2 | ||||
-rw-r--r-- | source4/winbind/wb_server.c | 12 | ||||
-rw-r--r-- | source4/winbind/wb_server.h | 1 |
4 files changed, 27 insertions, 4 deletions
diff --git a/source4/param/secrets.c b/source4/param/secrets.c index befe7f3658..8fc595fbb0 100644 --- a/source4/param/secrets.c +++ b/source4/param/secrets.c @@ -101,15 +101,17 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx, const char *domain, + enum netr_SchannelType *sec_channel_type, char **errstring) { struct ldb_context *ldb; struct ldb_message *msg; int ldb_ret; - const char *attrs[] = { "objectSid", NULL }; + const char *attrs[] = { "objectSid", "secureChannelType", NULL }; struct dom_sid *result = NULL; const struct ldb_val *v; enum ndr_err_code ndr_err; + *errstring = NULL; ldb = secrets_db_connect(mem_ctx, ev_ctx, lp_ctx); @@ -135,6 +137,18 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, domain, (char *) ldb_get_opaque(ldb, "ldb_url")); return NULL; } + + if (sec_channel_type) { + int v; + v = ldb_msg_find_attr_as_int(msg, "secureChannelType", -1); + if (v == -1) { + *errstring = talloc_asprintf(mem_ctx, "Failed to find secureChannelType for %s in %s", + domain, (char *) ldb_get_opaque(ldb, "ldb_url")); + return NULL; + } + *sec_channel_type = v; + } + result = talloc(mem_ctx, struct dom_sid); if (result == NULL) { talloc_free(ldb); diff --git a/source4/param/secrets.h b/source4/param/secrets.h index c3227dfbcb..018bd36337 100644 --- a/source4/param/secrets.h +++ b/source4/param/secrets.h @@ -38,12 +38,14 @@ */ struct loadparm_context; struct tevent_context; +enum netr_SchannelType; struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx); struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx, const char *domain, + enum netr_SchannelType *sec_channel_type, char **errstring); diff --git a/source4/winbind/wb_server.c b/source4/winbind/wb_server.c index ee44f0a240..96dab0acd5 100644 --- a/source4/winbind/wb_server.c +++ b/source4/winbind/wb_server.c @@ -239,7 +239,9 @@ static void winbind_task_init(struct task_server *task) primary_sid = secrets_get_domain_sid(service, service->task->event_ctx, service->task->lp_ctx, - lpcfg_netbios_name(service->task->lp_ctx), &errstring); + lpcfg_netbios_name(service->task->lp_ctx), + &service->sec_channel_type, + &errstring); if (!primary_sid) { char *message = talloc_asprintf(task, "Cannot start Winbind (standalone configuration): %s: " @@ -253,7 +255,9 @@ static void winbind_task_init(struct task_server *task) primary_sid = secrets_get_domain_sid(service, service->task->event_ctx, service->task->lp_ctx, - lpcfg_workgroup(service->task->lp_ctx), &errstring); + lpcfg_workgroup(service->task->lp_ctx), + &service->sec_channel_type, + &errstring); if (!primary_sid) { char *message = talloc_asprintf(task, "Cannot start Winbind (domain member): %s: " "Have you joined the %s domain?", @@ -266,7 +270,9 @@ static void winbind_task_init(struct task_server *task) primary_sid = secrets_get_domain_sid(service, service->task->event_ctx, service->task->lp_ctx, - lpcfg_workgroup(service->task->lp_ctx), &errstring); + lpcfg_workgroup(service->task->lp_ctx), + &service->sec_channel_type, + &errstring); if (!primary_sid) { char *message = talloc_asprintf(task, "Cannot start Winbind (domain controller): %s: " "Have you provisioned the %s domain?", diff --git a/source4/winbind/wb_server.h b/source4/winbind/wb_server.h index 1ffb62e485..7fc778a97b 100644 --- a/source4/winbind/wb_server.h +++ b/source4/winbind/wb_server.h @@ -29,6 +29,7 @@ struct wbsrv_service { struct task_server *task; const struct dom_sid *primary_sid; + enum netr_SchannelType sec_channel_type; struct wbsrv_domain *domains; struct idmap_context *idmap_ctx; const char *priv_pipe_dir; |