diff options
author | Gerald Carter <jerry@samba.org> | 2004-06-03 18:00:22 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:51:53 -0500 |
commit | 9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad (patch) | |
tree | 7b126d923a8a0ee8b02ab43bf54a43ce3344f051 /source3/rpc_client/cli_netlogon.c | |
parent | 4e1b26db3490c6063bf0ea05b8ae7e34a96ca8a9 (diff) | |
download | samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.gz samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.tar.bz2 samba-9dbf2e2419e2ba0f2293b4a7a5971123f34a09ad.zip |
r991: Allow winbindd to use the domain trust account password
for setting up an schannel connection. This solves the problem
of a Samba DC running winbind, trusting a native mode AD domain,
and needing to enumerate AD users via wbinfo -u.
(This used to be commit e9f109d1b38e0b0adec9b7e9a907f90a79d297ea)
Diffstat (limited to 'source3/rpc_client/cli_netlogon.c')
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index f6d88a1950..02d2611d88 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -91,18 +91,25 @@ NTSTATUS cli_net_auth2(struct cli_state *cli, NET_Q_AUTH_2 q; NET_R_AUTH_2 r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + fstring machine_acct; prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL); prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); + if ( sec_chan == SEC_CHAN_DOMAIN ) + fstr_sprintf( machine_acct, "%s$", lp_workgroup() ); + else + fstrcpy( machine_acct, cli->mach_acct ); + /* create and send a MSRPC command with api NET_AUTH2 */ DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n", - cli->srv_name_slash, cli->mach_acct, sec_chan, global_myname(), + cli->srv_name_slash, machine_acct, sec_chan, global_myname(), credstr(cli->clnt_cred.challenge.data), *neg_flags)); /* store the parameters */ - init_q_auth_2(&q, cli->srv_name_slash, cli->mach_acct, + + init_q_auth_2(&q, cli->srv_name_slash, machine_acct, sec_chan, global_myname(), &cli->clnt_cred.challenge, *neg_flags); |