damn, that took a while. nt login password was being stored incorrectly

in private .mac file (oops).  ntlogin test now works.
(This used to be commit c98c66690683965612e9631d77c2dff91ec8a872)

8 files changed, 31 insertions, 29 deletions

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 064e2f32a5..3c7128efff 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -2302,7 +2302,7 @@ uint32 msrpc_sam_enum_aliases( const char* srv_name,
 				ALIAS_INFO_FN(als_inf_fn),
 				ALIAS_MEM_FN(als_mem_fn));
 BOOL create_samr_domain_user( POLICY_HND *pol_dom,
-				const char *acct_name, uint16 acb_info,
+				char *acct_name, uint16 acb_info,
 				const char* password, int plen,
 				uint32 *rid);
 BOOL create_samr_domain_alias( POLICY_HND *pol_open_domain,
@@ -2349,7 +2349,7 @@ BOOL get_samr_query_aliasinfo(
 				uint32 info_level,
 				uint32 alias_rid, ALIAS_INFO_CTR *ctr);
 BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
-				const char *acct_name, uint16 acb_info,
+				char *acct_name, uint16 acb_info,
 				const char *password, int plen,
 				uint32 *rid);
 BOOL msrpc_sam_query_dispinfo(const char* srv_name, const char* domain,
@@ -2516,12 +2516,12 @@ BOOL smb_io_log_info(char *desc,  DOM_LOG_INFO *log, prs_struct *ps, int depth);
 BOOL smb_io_chal(char *desc,  DOM_CHAL *chal, prs_struct *ps, int depth);
 BOOL smb_io_cred(char *desc,  DOM_CRED *cred, prs_struct *ps, int depth);
 BOOL make_clnt_info2(DOM_CLNT_INFO2 *clnt,
-				char *logon_srv, char *comp_name,
+				const char *logon_srv, const char *comp_name,
 				DOM_CRED *clnt_cred);
 BOOL smb_io_clnt_info2(char *desc,  DOM_CLNT_INFO2 *clnt, prs_struct *ps, int depth);
 BOOL make_clnt_info(DOM_CLNT_INFO *clnt,
-		char *logon_srv, char *acct_name,
-		uint16 sec_chan, char *comp_name,
+		const char *logon_srv, const char *acct_name,
+		uint16 sec_chan, const char *comp_name,
 				DOM_CRED *cred);
 BOOL smb_io_clnt_info(char *desc,  DOM_CLNT_INFO *clnt, prs_struct *ps, int depth);
 BOOL make_owf_info(OWF_INFO *hash, uint8 data[16]);
@@ -2587,7 +2587,7 @@ BOOL make_sam_info(DOM_SAM_INFO *sam,
 				const char *logon_srv, const char *comp_name,
 				DOM_CRED *clnt_cred,
 				DOM_CRED *rtn_cred, uint16 logon_level,
-				NET_ID_INFO_CTR *ctr, uint16 validation_level);
+				NET_ID_INFO_CTR *ctr);
 BOOL make_net_user_info3(NET_USER_INFO_3 *usr,
 
 	NTTIME *logon_time,
diff --git a/source3/include/rpc_netlogon.h b/source3/include/rpc_netlogon.h
index 6842fd6e07..31d8a3c1e5 100644
--- a/source3/include/rpc_netlogon.h
+++ b/source3/include/rpc_netlogon.h
@@ -345,14 +345,14 @@ typedef struct sam_info
   DOM_CRED        rtn_cred; /* return credentials */
   uint16          logon_level;
   NET_ID_INFO_CTR *ctr;
-  uint16          validation_level;
 
 } DOM_SAM_INFO;
 
 /* NET_Q_SAM_LOGON */
 typedef struct net_q_sam_logon_info
 {
-    DOM_SAM_INFO sam_id;
+	DOM_SAM_INFO sam_id;
+	uint16          validation_level;
 
 } NET_Q_SAM_LOGON;
 
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index fd6242c996..147578f448 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -416,7 +416,9 @@ BOOL cli_net_sam_logon(const char* srv_name, const char* myhostname,
 
   /* store the parameters */
   make_sam_info(&(q_s.sam_id), srv_name, myhostname,
-         &new_clnt_cred, &dummy_rtn_creds, ctr->switch_value, ctr, validation_level);
+         &new_clnt_cred, &dummy_rtn_creds, ctr->switch_value, ctr);
+
+	q_s.validation_level = validation_level;
 
   /* turn parameters into data stream */
   net_io_q_sam_logon("", &q_s,  &buf, 0);
@@ -481,7 +483,6 @@ BOOL cli_net_sam_logoff(const char* srv_name, const char* myhostname,
   prs_struct rbuf;
   prs_struct buf; 
   NET_Q_SAM_LOGOFF q_s;
-  uint16 validation_level = 3;
   BOOL ok = False;
 
 	struct cli_connection *con = NULL;
@@ -507,7 +508,7 @@ BOOL cli_net_sam_logoff(const char* srv_name, const char* myhostname,
 
   /* store the parameters */
   make_sam_info(&(q_s.sam_id), srv_name, myhostname,
-                &new_clnt_cred, &dummy_rtn_creds, ctr->switch_value, ctr, validation_level);
+                &new_clnt_cred, &dummy_rtn_creds, ctr->switch_value, ctr);
 
   /* turn parameters into data stream */
   net_io_q_sam_logoff("", &q_s,  &buf, 0);
diff --git a/source3/rpc_client/msrpc_samr.c b/source3/rpc_client/msrpc_samr.c
index 49f34fe386..e1392f428f 100644
--- a/source3/rpc_client/msrpc_samr.c
+++ b/source3/rpc_client/msrpc_samr.c
@@ -996,7 +996,7 @@ uint32 msrpc_sam_enum_aliases( const char* srv_name,
 do a SAMR create domain user
 ****************************************************************************/
 BOOL create_samr_domain_user( POLICY_HND *pol_dom,
-				const char *acct_name, uint16 acb_info,
+				char *acct_name, uint16 acb_info,
 				const char* password, int plen,
 				uint32 *rid)
 {
@@ -1028,7 +1028,7 @@ BOOL create_samr_domain_user( POLICY_HND *pol_dom,
 	if (ret == (NT_STATUS_USER_EXISTS | 0xC0000000))
 	{
 		uint32 num_rids;
-		const char *names[1];
+		char *names[1];
 		uint32 type[1];
 
 		names[0] = acct_name;
@@ -1512,7 +1512,7 @@ BOOL get_samr_query_aliasinfo(
 SAM create domain user.
 ****************************************************************************/
 BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
-				const char *acct_name, uint16 acb_info,
+				char *acct_name, uint16 acb_info,
 				const char *password, int plen,
 				uint32 *rid)
 {
@@ -1523,7 +1523,6 @@ BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
 	uint32 user_rid; 
 	POLICY_HND sam_pol;
 	POLICY_HND pol_dom;
-	char *pwd = NULL;
 
 	/* establish a connection. */
 	res = res ? samr_connect( 
@@ -1536,8 +1535,7 @@ BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1,
 	            &pol_dom) : False;
 
 	/* create a domain user */
-	res2 = res1 ? create_samr_domain_user( 
-				&pol_dom,
+	res2 = res1 ? create_samr_domain_user( &pol_dom,
 	                        acct_name, 
 				acb_info, password, plen, &user_rid) : False;
 
diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c
index fe65aaf4d4..b38f55983d 100644
--- a/source3/rpc_parse/parse_misc.c
+++ b/source3/rpc_parse/parse_misc.c
@@ -978,7 +978,9 @@ BOOL smb_io_dom_rid3(char *desc,  DOM_RID3 *rid3, prs_struct *ps, int depth)
 /*******************************************************************
 makes a DOM_CLNT_SRV structure.
 ********************************************************************/
-static BOOL make_clnt_srv(DOM_CLNT_SRV *log, char *logon_srv, char *comp_name)
+static BOOL make_clnt_srv(DOM_CLNT_SRV *log,
+				const char *logon_srv, 
+				const char *comp_name)
 {
 	if (log == NULL) return False;
 
@@ -1122,7 +1124,7 @@ BOOL smb_io_cred(char *desc,  DOM_CRED *cred, prs_struct *ps, int depth)
 makes a DOM_CLNT_INFO2 structure.
 ********************************************************************/
 BOOL make_clnt_info2(DOM_CLNT_INFO2 *clnt,
-				char *logon_srv, char *comp_name,
+				const char *logon_srv, const char *comp_name,
 				DOM_CRED *clnt_cred)
 {
 	if (clnt == NULL) return False;
@@ -1170,8 +1172,8 @@ BOOL smb_io_clnt_info2(char *desc,  DOM_CLNT_INFO2 *clnt, prs_struct *ps, int de
 makes a DOM_CLNT_INFO structure.
 ********************************************************************/
 BOOL make_clnt_info(DOM_CLNT_INFO *clnt,
-		char *logon_srv, char *acct_name,
-		uint16 sec_chan, char *comp_name,
+		const char *logon_srv, const char *acct_name,
+		uint16 sec_chan, const char *comp_name,
 				DOM_CRED *cred)
 {
 	if (clnt == NULL || cred == NULL) return False;
diff --git a/source3/rpc_parse/parse_net.c b/source3/rpc_parse/parse_net.c
index cd1476e201..455129b6f9 100644
--- a/source3/rpc_parse/parse_net.c
+++ b/source3/rpc_parse/parse_net.c
@@ -884,7 +884,7 @@ BOOL make_sam_info(DOM_SAM_INFO *sam,
 				const char *logon_srv, const char *comp_name,
 				DOM_CRED *clnt_cred,
 				DOM_CRED *rtn_cred, uint16 logon_level,
-				NET_ID_INFO_CTR *ctr, uint16 validation_level)
+				NET_ID_INFO_CTR *ctr)
 {
 	if (sam == NULL) return False;
 
@@ -904,7 +904,6 @@ BOOL make_sam_info(DOM_SAM_INFO *sam,
 
 	sam->logon_level  = logon_level;
 	sam->ctr          = ctr;
-	sam->validation_level = validation_level;
 
 	return True;
 }
@@ -970,8 +969,6 @@ static BOOL smb_io_sam_info(char *desc,  DOM_SAM_INFO *sam, prs_struct *ps, int
 		net_io_id_info_ctr("logon_info", sam->ctr, ps, depth);
 	}
 
-	prs_uint16("validation_level", ps, depth, &(sam->validation_level));
-
 	return True;
 }
 
@@ -1194,6 +1191,8 @@ BOOL net_io_q_sam_logon(char *desc,  NET_Q_SAM_LOGON *q_l, prs_struct *ps, int d
 	prs_align(ps);
 	
 	smb_io_sam_info("", &(q_l->sam_id), ps, depth);           /* domain SID */
+	prs_uint16("validation_level", ps, depth, &(q_l->validation_level));
+
 
 	return True;
 }
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index 89e52ed779..910d75e1f7 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -171,10 +171,12 @@ void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
 	/*** clear out the password ***/
 	memset(password, 0, sizeof(password));
 
+#if 0
 	/* ok!  you're logged in!  do anything you like, then... */
 
 	/* do an NT logout */
 	res = res ? cli_nt_logoff(srv_name, info->myhostname, &info->dom.ctr) : False;
+#endif
 
 	report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n",
 		nt_user_name, BOOLSTR(res));
diff --git a/source3/rpcclient/cmd_samr.c b/source3/rpcclient/cmd_samr.c
index 33deb77f4c..9cbd24f2b1 100644
--- a/source3/rpcclient/cmd_samr.c
+++ b/source3/rpcclient/cmd_samr.c
@@ -770,12 +770,12 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
 
 	if (acb_info == ACB_WSTRUST || acb_info == ACB_SVRTRUST)
 	{
-		upw.uni_str_len = 24;
-		upw.uni_max_len = 24;
+		upw.uni_str_len = 12;
+		upw.uni_max_len = 12;
 		generate_random_buffer((uchar*)upw.buffer,
-		                       upw.uni_str_len, True);
+		                       upw.uni_str_len*2, True);
 		password = (char*)upw.buffer;
-		plen = upw.uni_str_len;
+		plen = upw.uni_str_len * 2;
 	}
 
 	if (msrpc_sam_create_dom_user(srv_name, &sid1,