summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-10-08 00:38:53 +0200
committerGünther Deschner <gd@samba.org>2009-11-04 00:55:09 +0100
commitb3a21474971d3ffd6135011daa5f2fe521f535d1 (patch)
treec2622dbede01c589f5680fc85323a509e96839bb
parent8be9ec604e3208c339263ba1cb59c725255ace9b (diff)
downloadsamba-b3a21474971d3ffd6135011daa5f2fe521f535d1.tar.gz
samba-b3a21474971d3ffd6135011daa5f2fe521f535d1.tar.bz2
samba-b3a21474971d3ffd6135011daa5f2fe521f535d1.zip
s3-netlogon: implement remote trust account changing in netr_LogonControl2Ex() and friends.
Guenther
-rw-r--r--source3/rpc_server/srv_netlog_nt.c41
1 files changed, 41 insertions, 0 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 491754f76a..15ea5ff042 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -95,6 +95,37 @@ WERROR _netr_LogonControl2(pipes_struct *p,
return _netr_LogonControl2Ex(p, &l);
}
+/*************************************************************************
+ *************************************************************************/
+
+static bool wb_change_trust_creds(const char *domain, WERROR *tc_status)
+{
+ wbcErr result;
+ struct wbcAuthErrorInfo *error = NULL;
+
+ result = wbcChangeTrustCredentials(domain, &error);
+ switch (result) {
+ case WBC_ERR_WINBIND_NOT_AVAILABLE:
+ return false;
+ case WBC_ERR_DOMAIN_NOT_FOUND:
+ *tc_status = WERR_NO_SUCH_DOMAIN;
+ return true;
+ case WBC_ERR_SUCCESS:
+ *tc_status = WERR_OK;
+ return true;
+ default:
+ break;
+ }
+
+ if (error && error->nt_status != 0) {
+ *tc_status = ntstatus_to_werror(NT_STATUS(error->nt_status));
+ } else {
+ *tc_status = WERR_TRUST_FAILURE;
+ }
+ wbcFreeMemory(error);
+ return true;
+}
+
/****************************************************************
_netr_LogonControl2Ex
****************************************************************/
@@ -174,6 +205,16 @@ WERROR _netr_LogonControl2Ex(pipes_struct *p,
break;
+ case NETLOGON_CONTROL_CHANGE_PASSWORD:
+ if (!r->in.data || !r->in.data->domain) {
+ return WERR_NOT_SUPPORTED;
+ }
+
+ if (!wb_change_trust_creds(r->in.data->domain, &tc_status)) {
+ return WERR_NOT_SUPPORTED;
+ }
+ break;
+
default:
/* no idea what this should be */
DEBUG(0,("%s: unimplemented function level [%d]\n",