r7594: abartlet is right that this hack is not actually necessary, it just

prevents a bogus:
  GSS Update failed: Miscellaneous failure (see text): ASN.1 identifier doesn't match expected value
error on every ldap connection. I'll remove it and let the error remain until Andrew
works out a better fix.
(This used to be commit 6123eb2ecad6f53521b546f76954523fbc0fb981)

1 files changed, 2 insertions, 6 deletions

diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index 55ce6ed24d..3c51dc2ba5 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -74,12 +74,8 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
 		gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN);
 		gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL);
 		
-		if (req->creds.SASL.secblob.length >= 7 &&
-		    strncmp(req->creds.SASL.secblob.data, "NTLMSSP", 7) == 0) {
-			status = gensec_start_mech_by_sasl_name(call->conn->gensec, "NTLM");
-		} else {
-			status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
-		}
+
+		status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(1, ("Failed to start GENSEC SASL[%s] server code: %s\n", 
 				req->creds.SASL.mechanism, nt_errstr(status)));