summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-04-16 10:20:14 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-04-16 10:20:14 +0000
commit2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7 (patch)
tree70203479d0f7bebcbb80e7af48f560715162171a /source3/auth
parentf9cde25fa492e071960e0857f5075222119a0d1c (diff)
downloadsamba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.gz
samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.bz2
samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.zip
Store the type of 'sec channel' that we establish to the DC. If we are a
workstation, we have to use the workstation type, if we have a BDC account, we must use the BDC type - even if we are pretending to be a workstation at the moment. Also actually store and retreive the last change time, so we can do periodic password changes again (for RPC at least). And finally, a couple of minor fixes to 'net'. Andrew Bartlett (This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_domain.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index 7dca5914f0..db5f7d82b0 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -352,6 +352,11 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
"Error was %s.\n", user_info->smb_name.str,
user_info->domain.str, cli->srv_name_slash,
nt_errstr(nt_status)));
+
+ /* map to something more useful */
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_UNSUCCESSFUL)) {
+ nt_status = NT_STATUS_NO_LOGON_SERVERS;
+ }
} else {
nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str,
user_info->smb_name.str, domain, server_info, &info3);
@@ -400,6 +405,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
unsigned char trust_passwd[16];
time_t last_change_time;
const char *domain = lp_workgroup();
+ uint32 sec_channel_type = 0;
if (!user_info || !server_info || !auth_context) {
DEBUG(1,("check_ntdomain_security: Critical variables not present. Failing.\n"));
@@ -422,7 +428,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
* No need to become_root() as secrets_init() is done at startup.
*/
- if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time))
+ if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time, &sec_channel_type))
{
DEBUG(0, ("check_ntdomain_security: could not fetch trust account password for domain '%s'\n", domain));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
@@ -447,7 +453,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
nt_status = domain_client_validate(mem_ctx, user_info, domain,
(uchar *)auth_context->challenge.data,
server_info,
- password_server, global_myname(), SEC_CHAN_WKSTA, trust_passwd, last_change_time);
+ password_server, global_myname(), sec_channel_type,trust_passwd, last_change_time);
return nt_status;
}