summaryrefslogtreecommitdiff
path: root/source3/rpc_client
diff options
context:
space:
mode:
authorMatthew Chapman <matty@samba.org>2000-05-29 01:23:48 +0000
committerMatthew Chapman <matty@samba.org>2000-05-29 01:23:48 +0000
commitbadb7fc0d21267110e39287c897c0f956f43bb16 (patch)
treeafcd48a971495347de458b5e5a4f8b7de67c5d6b /source3/rpc_client
parent5b5f41d8e0e707bb4e1626f4406b2e46305a5183 (diff)
downloadsamba-badb7fc0d21267110e39287c897c0f956f43bb16.tar.gz
samba-badb7fc0d21267110e39287c897c0f956f43bb16.tar.bz2
samba-badb7fc0d21267110e39287c897c0f956f43bb16.zip
Fixed LsaQueryInformationPolicy level 3 to return primary domain info.
Domain SID is saved in secrets.tdb upon joining domain. Added "Authenticated Users" and "SYSTEM" well-known SIDs (under NT Authority). (This used to be commit 7710b4f48d3e8532df5e37f99a779758f750efdb)
Diffstat (limited to 'source3/rpc_client')
-rw-r--r--source3/rpc_client/cli_lsarpc.c23
-rw-r--r--source3/rpc_client/cli_netlogon.c9
2 files changed, 31 insertions, 1 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 34201ebc16..8362c1d172 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -379,3 +379,26 @@ BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd)
return True;
}
+
+/****************************************************************************
+obtain a server's SAM SID and save it in the secrets database
+****************************************************************************/
+
+BOOL cli_lsa_get_domain_sid(struct cli_state *cli, char *server)
+{
+ fstring domain, key;
+ POLICY_HND pol;
+ DOM_SID sid;
+ BOOL res, res2, res3;
+
+ res = cli_nt_session_open(cli, PIPE_LSARPC);
+ res2 = res ? do_lsa_open_policy(cli, server, &pol, 0) : False;
+ res3 = res2 ? do_lsa_query_info_pol(cli, &pol, 5, domain, &sid) : False;
+
+ res3 = res3 ? secrets_store_domain_sid(domain, &sid) : False;
+
+ res2 = res2 ? do_lsa_close(cli, &pol) : False;
+ cli_nt_session_close(cli);
+
+ return res3;
+}
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index ce4468d112..0043a1894e 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -579,7 +579,14 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) ));
* Ok - we have an anonymous connection to the IPC$ share.
* Now start the NT Domain stuff :-).
*/
-
+
+ if(cli_lsa_get_domain_sid(&cli, remote_machine) == False) {
+ DEBUG(0,("modify_trust_password: unable to obtain domain sid from %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));
+ cli_ulogoff(&cli);
+ cli_shutdown(&cli);
+ return False;
+ }
+
if(cli_nt_session_open(&cli, PIPE_NETLOGON) == False) {
DEBUG(0,("modify_trust_password: unable to open the domain client session to \
machine %s. Error was : %s.\n", remote_machine, cli_errstr(&cli)));