s3-winbindd: let winbind try to use samlogon validation level 6. (bug #7945)

The benefit of this that it makes us more robust to secure channel resets
triggered from tools outside the winbind process. Long term we need to have a
shared tdb secure channel store though as well.

Guenther

Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Fri Feb  4 18:11:04 CET 2011 on sn-devel-104

2 files changed, 2 insertions, 0 deletions

diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 0f541cd1e7..05421debbb 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -309,6 +309,7 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
 						      user_info->client.domain_name,       /* domain name */
 						      user_info->workstation_name,         /* workstation name */
 						      chal,                                /* 8 byte challenge. */
+						      3,				   /* validation level */
 						      user_info->password.response.lanman, /* lanman 24 byte response */
 						      user_info->password.response.nt,     /* nt 24 byte response */
 						      &info3);                             /* info3 out */
diff --git a/source3/auth/auth_netlogond.c b/source3/auth/auth_netlogond.c
index 889371c722..1e3ccb1189 100644
--- a/source3/auth/auth_netlogond.c
+++ b/source3/auth/auth_netlogond.c
@@ -88,6 +88,7 @@ static NTSTATUS netlogond_validate(TALLOC_CTX *mem_ctx,
 		user_info->client.domain_name,         /* domain name */
 		user_info->workstation_name,           /* workstation name */
 		(uchar *)auth_context->challenge.data, /* 8 byte challenge. */
+		3,				       /* validation level */
 		user_info->password.response.lanman,   /* lanman 24 byte response */
 		user_info->password.response.nt,       /* nt 24 byte response */
 		&info3);                               /* info3 out */