summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-04-21 14:09:03 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-04-21 14:09:03 +0000
commitf071020f5e49837154581c97c5af5f84d0e2de89 (patch)
tree14c4f4c08cc935145926000a886f8dd718c66e93 /source3/auth
parent06c99d15e217e265d51778268d5b859dff3c478c (diff)
downloadsamba-f071020f5e49837154581c97c5af5f84d0e2de89.tar.gz
samba-f071020f5e49837154581c97c5af5f84d0e2de89.tar.bz2
samba-f071020f5e49837154581c97c5af5f84d0e2de89.zip
Merge from HEAD - save the type of channel used to contact the DC.
This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_domain.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 24a5bb562c..e49a41763b 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -347,6 +347,11 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
"Error was %s.\n", user_info->smb_name.str,
user_info->domain.str, cli->srv_name_slash,
nt_errstr(nt_status)));
+
+ /* map to something more useful */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_UNSUCCESSFUL)) {
+ nt_status = NT_STATUS_NO_LOGON_SERVERS;
+ }
} else {
nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str,
user_info->smb_name.str, domain, server_info, &info3);
@@ -395,6 +400,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
unsigned char trust_passwd[16];
time_t last_change_time;
const char *domain = lp_workgroup();
+ uint32 sec_channel_type = 0;
if (!user_info || !server_info || !auth_context) {
DEBUG(1,("check_ntdomain_security: Critical variables not present. Failing.\n"));
@@ -417,7 +423,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
* No need to become_root() as secrets_init() is done at startup.
*/
- if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time))
+ if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time, &sec_channel_type))
{
DEBUG(0, ("check_ntdomain_security: could not fetch trust account password for domain '%s'\n", domain));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
@@ -442,7 +448,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
nt_status = domain_client_validate(mem_ctx, user_info, domain,
(uchar *)auth_context->challenge.data,
server_info,
- password_server, global_myname(), SEC_CHAN_WKSTA, trust_passwd, last_change_time);
+ password_server, global_myname(), sec_channel_type,trust_passwd, last_change_time);
return nt_status;
}