diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-04-16 10:20:14 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-04-16 10:20:14 +0000 |
| commit | 2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7 (patch) | |
| tree | 70203479d0f7bebcbb80e7af48f560715162171a /source3/nsswitch/winbindd_pam.c | |
| parent | f9cde25fa492e071960e0857f5075222119a0d1c (diff) | |
| download | samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.gz samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.bz2 samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.zip | |
Store the type of 'sec channel' that we establish to the DC. If we are a
workstation, we have to use the workstation type, if we have a BDC account,
we must use the BDC type - even if we are pretending to be a workstation
at the moment.
Also actually store and retreive the last change time, so we can do
periodic password changes again (for RPC at least).
And finally, a couple of minor fixes to 'net'.
Andrew Bartlett
(This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
Diffstat (limited to 'source3/nsswitch/winbindd_pam.c')
| -rw-r--r-- | source3/nsswitch/winbindd_pam.c | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/source3/nsswitch/winbindd_pam.c b/source3/nsswitch/winbindd_pam.c index e49a95f4b8..2998372bd2 100644 --- a/source3/nsswitch/winbindd_pam.c +++ b/source3/nsswitch/winbindd_pam.c @@ -61,7 +61,7 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) fstring name_domain, name_user; unsigned char trust_passwd[16]; time_t last_change_time; - uint32 smb_uid_low; + uint32 sec_channel_type; NET_USER_INFO_3 info3; struct cli_state *cli = NULL; uchar chal[8]; @@ -111,21 +111,20 @@ enum winbindd_result winbindd_pam_auth(struct winbindd_cli_state *state) */ if (!secrets_fetch_trust_account_password( - lp_workgroup(), trust_passwd, &last_change_time)) { + lp_workgroup(), trust_passwd, &last_change_time, + &sec_channel_type)) { DEBUG(0, ("winbindd_pam_auth: could not fetch trust account " "password for domain %s\n", lp_workgroup())); result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; goto done; } - /* We really don't care what LUID we give the user. */ - - generate_random_buffer( (unsigned char *)&smb_uid_low, 4, False); - ZERO_STRUCT(info3); /* Don't shut this down - it belongs to the connection cache code */ - result = cm_get_netlogon_cli(lp_workgroup(), trust_passwd, &cli); + result = cm_get_netlogon_cli(lp_workgroup(), trust_passwd, + sec_channel_type, + &cli); if (!NT_STATUS_IS_OK(result)) { DEBUG(3, ("could not open handle to NETLOGON pipe\n")); @@ -169,6 +168,7 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) NTSTATUS result; unsigned char trust_passwd[16]; time_t last_change_time; + uint32 sec_channel_type; NET_USER_INFO_3 info3; struct cli_state *cli = NULL; TALLOC_CTX *mem_ctx = NULL; @@ -256,7 +256,8 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) */ if (!secrets_fetch_trust_account_password ( - contact_domain, trust_passwd, &last_change_time)) { + contact_domain, trust_passwd, &last_change_time, + &sec_channel_type)) { DEBUG(0, ("winbindd_pam_auth: could not fetch trust account " "password for domain %s\n", contact_domain)); result = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; @@ -266,7 +267,7 @@ enum winbindd_result winbindd_pam_auth_crap(struct winbindd_cli_state *state) ZERO_STRUCT(info3); /* Don't shut this down - it belongs to the connection cache code */ - result = cm_get_netlogon_cli(contact_domain, trust_passwd, &cli); + result = cm_get_netlogon_cli(contact_domain, trust_passwd, sec_channel_type, &cli); if (!NT_STATUS_IS_OK(result)) { DEBUG(3, ("could not open handle to NETLOGON pipe (error: %s)\n", nt_errstr(result))); |