diff options
| author | Günther Deschner <gd@samba.org> | 2008-04-02 02:29:48 +0200 |
|---|---|---|
| committer | Günther Deschner <gd@samba.org> | 2008-04-02 11:12:47 +0200 |
| commit | 99d35904552b01ef9f2adc40e16887da9eb4de69 (patch) | |
| tree | 9362193c6a4a8a3dbc51e51f0c6c39416fd1dbe6 /source3/libsmb/trusts_util.c | |
| parent | 5b07337cc5e853d0f02554593f4eb842191d67e5 (diff) | |
| download | samba-99d35904552b01ef9f2adc40e16887da9eb4de69.tar.gz samba-99d35904552b01ef9f2adc40e16887da9eb4de69.tar.bz2 samba-99d35904552b01ef9f2adc40e16887da9eb4de69.zip | |
Fix NETLOGON credential chain with Windows 2008 all over the place.
In order to avoid receiving NT_STATUS_DOWNGRADE_DETECTED from a w2k8
netr_ServerAuthenticate2 reply, we need to start with the AD netlogon negotiate
flags everywhere (not only when running in security=ads). Only for NT4 we need
to do a downgrade to the returned negotiate flags.
Tested with w2k8, w2ksp4, w2k3r2 and nt4sp6.
Guenther
(This used to be commit 0970369ca0cb9ae465cff40e5c75739824daf1d0)
Diffstat (limited to 'source3/libsmb/trusts_util.c')
| -rw-r--r-- | source3/libsmb/trusts_util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/source3/libsmb/trusts_util.c b/source3/libsmb/trusts_util.c index 8c2f69cee3..c3f5f2538a 100644 --- a/source3/libsmb/trusts_util.c +++ b/source3/libsmb/trusts_util.c @@ -40,7 +40,7 @@ static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX already have valid creds. If not we must set them up. */ if (cli->auth.auth_type != PIPE_AUTH_TYPE_SCHANNEL) { - uint32 neg_flags = NETLOGON_NEG_SELECT_AUTH2_FLAGS; + uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; result = rpccli_netlogon_setup_creds(cli, cli->cli->desthost, /* server name */ |