summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2007-02-06 05:41:04 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:44:42 -0500
commite47305005221b33e54c318d2e507f56efd4b6b8f (patch)
treeba987f2e652b150d6e205ecfda8e4f3d7a16d475
parent8538af1107a6e894d4941708b77e79fac587e35d (diff)
downloadsamba-e47305005221b33e54c318d2e507f56efd4b6b8f.tar.gz
samba-e47305005221b33e54c318d2e507f56efd4b6b8f.tar.bz2
samba-e47305005221b33e54c318d2e507f56efd4b6b8f.zip
r21175: Fix the kerberos keytab update code to handle deletes.
Fix the join code to know that the ldb layer handles the keytab update. Andrew Bartlett (This used to be commit d3fbc089f4161ae71b21077d50130fdabd8b2d77)
-rw-r--r--source4/auth/kerberos/kerberos_util.c5
-rw-r--r--source4/libnet/libnet_join.c28
2 files changed, 2 insertions, 31 deletions
diff --git a/source4/auth/kerberos/kerberos_util.c b/source4/auth/kerberos/kerberos_util.c
index a68268e697..78fc95b649 100644
--- a/source4/auth/kerberos/kerberos_util.c
+++ b/source4/auth/kerberos/kerberos_util.c
@@ -417,10 +417,9 @@ static int create_keytab(TALLOC_CTX *parent_ctx,
const struct samr_Password *mach_pwd;
mach_pwd = cli_credentials_get_nt_hash(machine_account, mem_ctx);
if (!mach_pwd) {
- DEBUG(1, ("create_keytab: Domain trust informaton for account %s not available\n",
- cli_credentials_get_principal(machine_account, mem_ctx)));
+ /* OK, nothing to do here */
talloc_free(mem_ctx);
- return EINVAL;
+ return 0;
}
ret = krb5_keyblock_init(smb_krb5_context->krb5_context,
ETYPE_ARCFOUR_HMAC_MD5,
diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index f47ea410ae..44e2dfe5f0 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -860,7 +860,6 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
uint32_t acct_type = 0;
const char *account_name;
const char *netbios_name;
- char *filter;
r->out.error_string = NULL;
@@ -1143,33 +1142,6 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- if (r2->out.realm) {
- struct cli_credentials *creds;
- /* Make a credentials structure from it */
- creds = cli_credentials_init(mem_ctx);
- if (!creds) {
- r->out.error_string = NULL;
- talloc_free(tmp_mem);
- return NT_STATUS_NO_MEMORY;
- }
- cli_credentials_set_conf(creds);
- filter = talloc_asprintf(mem_ctx, "dn=%s", ldb_dn_get_linearized(msg->dn));
- status = cli_credentials_set_secrets(creds, NULL, NULL, filter);
- if (!NT_STATUS_IS_OK(status)) {
- r->out.error_string = talloc_asprintf(mem_ctx, "Failed to read secrets for keytab update for %s",
- filter);
- talloc_free(tmp_mem);
- return status;
- }
- ret = cli_credentials_update_keytab(creds);
- if (ret != 0) {
- r->out.error_string = talloc_asprintf(mem_ctx, "Failed to update keytab for %s",
- filter);
- talloc_free(tmp_mem);
- return NT_STATUS_UNSUCCESSFUL;
- }
- }
-
/* move all out parameter to the callers TALLOC_CTX */
r->out.error_string = NULL;
r->out.join_password = r2->out.join_password;