diff options
author | Sumit Bose <sbose@redhat.com> | 2011-11-22 08:02:20 -0500 |
---|---|---|
committer | Andreas Schneider <asn@cryptomilk.org> | 2011-12-22 17:48:24 +0100 |
commit | 1c8f326dc6367969852d0ac30887428345be9d7d (patch) | |
tree | dae78e3f9c24d1629cd0dd88033d4684bfbfb26d /source3/rpc_server/netlogon | |
parent | 2f5e9aae860b55203c3efd2e558cd27e00f734ed (diff) | |
download | samba-1c8f326dc6367969852d0ac30887428345be9d7d.tar.gz samba-1c8f326dc6367969852d0ac30887428345be9d7d.tar.bz2 samba-1c8f326dc6367969852d0ac30887428345be9d7d.zip |
s3-netlogon: Add support to authenticate trusted domains.
Diffstat (limited to 'source3/rpc_server/netlogon')
-rw-r--r-- | source3/rpc_server/netlogon/srv_netlog_nt.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index f681e909dd..086a0ea3c5 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -907,6 +907,19 @@ NTSTATUS _netr_ServerAuthenticate3(struct pipes_struct *p, srv_flgs |= NETLOGON_NEG_SCHANNEL; } + /* + * Support authenticaten of trusted domains. + * + * These flags are the minimum required set which works with win2k3 + * and win2k8. + */ + if (pdb_capabilities() & PDB_CAP_TRUSTED_DOMAINS_EX) { + srv_flgs |= NETLOGON_NEG_TRANSITIVE_TRUSTS | + NETLOGON_NEG_DNS_DOMAIN_TRUSTS | + NETLOGON_NEG_CROSS_FOREST_TRUSTS | + NETLOGON_NEG_NEUTRALIZE_NT4_EMULATION; + } + switch (p->opnum) { case NDR_NETR_SERVERAUTHENTICATE: fn = "_netr_ServerAuthenticate"; |