summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorRichard Sharpe <realrichardsharpe@gmail.com>2013-02-26 20:22:05 -0800
committerJeremy Allison <jra@samba.org>2013-02-27 21:49:25 +0100
commita125ebe9a5f3b9801b99bdffd12d565fc6fdcf07 (patch)
tree8103fcdaa758f6828a9454028a6b3d0dff5043f8 /source3
parentbb0e4cbc3c30137245ca6b6cf9d74812ad17cee1 (diff)
downloadsamba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.tar.gz
samba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.tar.bz2
samba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.zip
Make sure that domain joins work correctly when the DC disallows NTLM auth.
Signed-Off-By: Richard Sharpe <realrichardsharpe@gmail.com> Reviewed-By: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Feb 27 21:49:25 CET 2013 on sn-devel-104
Diffstat (limited to 'source3')
-rw-r--r--source3/libnet/libnet_join.c14
-rw-r--r--source3/libnet/libnet_join.h3
2 files changed, 13 insertions, 4 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 3d0a6d30b8..2b4ab0bf9e 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1170,7 +1170,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx,
NTSTATUS libnet_join_ok(const char *netbios_domain_name,
const char *machine_name,
- const char *dc_name)
+ const char *dc_name,
+ const bool use_kerberos)
{
uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
struct cli_state *cli = NULL;
@@ -1179,6 +1180,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
NTSTATUS status;
char *machine_password = NULL;
char *machine_account = NULL;
+ int flags = 0;
if (!dc_name) {
return NT_STATUS_INVALID_PARAMETER;
@@ -1199,6 +1201,10 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
return NT_STATUS_NO_MEMORY;
}
+ if (use_kerberos) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
+ }
+
status = cli_full_connection(&cli, NULL,
dc_name,
NULL, 0,
@@ -1206,7 +1212,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name,
machine_account,
NULL,
machine_password,
- 0,
+ flags,
SMB_SIGNING_DEFAULT);
free(machine_account);
free(machine_password);
@@ -1277,7 +1283,8 @@ static WERROR libnet_join_post_verify(TALLOC_CTX *mem_ctx,
status = libnet_join_ok(r->out.netbios_domain_name,
r->in.machine_name,
- r->in.dc_name);
+ r->in.dc_name,
+ r->in.use_kerberos);
if (!NT_STATUS_IS_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
"failed to verify domain membership after joining: %s",
@@ -2084,6 +2091,7 @@ static WERROR libnet_join_rollback(TALLOC_CTX *mem_ctx,
u->in.admin_account = r->in.admin_account;
u->in.admin_password = r->in.admin_password;
u->in.modify_config = r->in.modify_config;
+ u->in.use_kerberos = r->in.use_kerberos;
u->in.unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE;
diff --git a/source3/libnet/libnet_join.h b/source3/libnet/libnet_join.h
index dccf03b715..58c33b2dbc 100644
--- a/source3/libnet/libnet_join.h
+++ b/source3/libnet/libnet_join.h
@@ -25,7 +25,8 @@
NTSTATUS libnet_join_ok(const char *netbios_domain_name,
const char *machine_name,
- const char *dc_name);
+ const char *dc_name,
+ const bool use_kerberos);
WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx,
struct libnet_JoinCtx **r);
WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,