diff options
author | Richard Sharpe <realrichardsharpe@gmail.com> | 2013-02-26 20:22:05 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2013-02-27 21:49:25 +0100 |
commit | a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07 (patch) | |
tree | 8103fcdaa758f6828a9454028a6b3d0dff5043f8 /source3 | |
parent | bb0e4cbc3c30137245ca6b6cf9d74812ad17cee1 (diff) | |
download | samba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.tar.gz samba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.tar.bz2 samba-a125ebe9a5f3b9801b99bdffd12d565fc6fdcf07.zip |
Make sure that domain joins work correctly when the DC disallows NTLM auth.
Signed-Off-By: Richard Sharpe <realrichardsharpe@gmail.com>
Reviewed-By: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Feb 27 21:49:25 CET 2013 on sn-devel-104
Diffstat (limited to 'source3')
-rw-r--r-- | source3/libnet/libnet_join.c | 14 | ||||
-rw-r--r-- | source3/libnet/libnet_join.h | 3 |
2 files changed, 13 insertions, 4 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 3d0a6d30b8..2b4ab0bf9e 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1170,7 +1170,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX *mem_ctx, NTSTATUS libnet_join_ok(const char *netbios_domain_name, const char *machine_name, - const char *dc_name) + const char *dc_name, + const bool use_kerberos) { uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; struct cli_state *cli = NULL; @@ -1179,6 +1180,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, NTSTATUS status; char *machine_password = NULL; char *machine_account = NULL; + int flags = 0; if (!dc_name) { return NT_STATUS_INVALID_PARAMETER; @@ -1199,6 +1201,10 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, return NT_STATUS_NO_MEMORY; } + if (use_kerberos) { + flags |= CLI_FULL_CONNECTION_USE_KERBEROS; + } + status = cli_full_connection(&cli, NULL, dc_name, NULL, 0, @@ -1206,7 +1212,7 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, machine_account, NULL, machine_password, - 0, + flags, SMB_SIGNING_DEFAULT); free(machine_account); free(machine_password); @@ -1277,7 +1283,8 @@ static WERROR libnet_join_post_verify(TALLOC_CTX *mem_ctx, status = libnet_join_ok(r->out.netbios_domain_name, r->in.machine_name, - r->in.dc_name); + r->in.dc_name, + r->in.use_kerberos); if (!NT_STATUS_IS_OK(status)) { libnet_join_set_error_string(mem_ctx, r, "failed to verify domain membership after joining: %s", @@ -2084,6 +2091,7 @@ static WERROR libnet_join_rollback(TALLOC_CTX *mem_ctx, u->in.admin_account = r->in.admin_account; u->in.admin_password = r->in.admin_password; u->in.modify_config = r->in.modify_config; + u->in.use_kerberos = r->in.use_kerberos; u->in.unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE; diff --git a/source3/libnet/libnet_join.h b/source3/libnet/libnet_join.h index dccf03b715..58c33b2dbc 100644 --- a/source3/libnet/libnet_join.h +++ b/source3/libnet/libnet_join.h @@ -25,7 +25,8 @@ NTSTATUS libnet_join_ok(const char *netbios_domain_name, const char *machine_name, - const char *dc_name); + const char *dc_name, + const bool use_kerberos); WERROR libnet_init_JoinCtx(TALLOC_CTX *mem_ctx, struct libnet_JoinCtx **r); WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx, |