diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-11-23 00:22:17 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-11-23 00:22:17 +0000 |
| commit | 13a6b9833e7fdd5e4624ccf844e0f9932d9597c1 (patch) | |
| tree | eb0a49f275dd09d09c13d6f08e2aa12517f71ce2 /source3/utils | |
| parent | 354c0fbc91c49f71c4760f88c0fb9e7fba11413c (diff) | |
| download | samba-13a6b9833e7fdd5e4624ccf844e0f9932d9597c1.tar.gz samba-13a6b9833e7fdd5e4624ccf844e0f9932d9597c1.tar.bz2 samba-13a6b9833e7fdd5e4624ccf844e0f9932d9597c1.zip | |
Merge from 3.0:
Add support for variable-length session keys in our client code.
This means that we now support 'net rpc join' with KRB5 (des based)
logins. Now, you need to hack 'net' to do that, but the principal is
important...
When we add kerberos to 'net rpc', it should be possible to still do
user management and the like over RPC.
-
Add server-side support for variable-length session keys (as used by
DES based krb5 logins).
Andrew Bartlett
(This used to be commit 1287cf5f921327c9ea758de46220c4e2dedc485c)
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/net_rpc.c | 2 | ||||
| -rw-r--r-- | source3/utils/net_rpc_join.c | 8 |
2 files changed, 5 insertions, 5 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 298e8ff669..747fc63e23 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -1727,7 +1727,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli ctr.info.id24 = &p24; result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, - cli->user_session_key, &ctr); + &cli->user_session_key, &ctr); if (!NT_STATUS_IS_OK(result)) { DEBUG(0,("Could not set trust account password: %s\n", diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index 22ed49c74f..96943468ad 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -70,7 +70,7 @@ int net_rpc_join_ok(const char *domain) /* ensure that schannel uses the right domain */ fstrcpy(cli->domain, domain); if (! NT_STATUS_IS_OK(result = cli_nt_establish_netlogon(cli, channel, stored_md4_trust_password))) { - DEBUG(0,("Error in domain join verfication\n")); + DEBUG(0,("Error in domain join verfication (fresh connection)\n")); goto done; } @@ -282,7 +282,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) ctr.info.id24 = &p24; CHECK_RPC_ERR(cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, - cli->user_session_key, &ctr), + &cli->user_session_key, &ctr), "error setting trust account password"); /* Why do we have to try to (re-)set the ACB to be the same as what @@ -304,7 +304,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) as a normal user with "Add workstation to domain" privilege. */ result = cli_samr_set_userinfo2(cli, mem_ctx, &user_pol, 0x10, - cli->user_session_key, &ctr); + &cli->user_session_key, &ctr); /* Now check the whole process from top-to-bottom */ cli_samr_close(cli, mem_ctx, &user_pol); @@ -322,7 +322,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) md4_trust_password); if (!NT_STATUS_IS_OK(result)) { - DEBUG(0, ("Error domain join verification: %s\n\n", + DEBUG(0, ("Error domain join verification (reused connection): %s\n\n", nt_errstr(result))); if ( NT_STATUS_EQUAL(result, NT_STATUS_ACCESS_DENIED) && |