diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2005-10-20 10:28:16 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:45:04 -0500 |
| commit | b0c7c175b1c1ed45a31a710e4fbe18bbffdd6d38 (patch) | |
| tree | 27e92188d9370e57600e9454727d85aa7fc7829f /source4/auth/credentials/credentials_files.c | |
| parent | 2817ef9f53e30c509ccf972beab617a897bd6724 (diff) | |
| download | samba-b0c7c175b1c1ed45a31a710e4fbe18bbffdd6d38.tar.gz samba-b0c7c175b1c1ed45a31a710e4fbe18bbffdd6d38.tar.bz2 samba-b0c7c175b1c1ed45a31a710e4fbe18bbffdd6d38.zip | |
r11220: Add the ability to handle the salt prinicpal as part of the
credentials. This works with the setup/secrets.ldif change from the
previous patch, and pretty much just re-invents the keytab.
Needed for kpasswdd work.
Andrew Bartlett
(This used to be commit cc9d167bab280eaeb793a5e7dfdf1f31be47fbf5)
Diffstat (limited to 'source4/auth/credentials/credentials_files.c')
| -rw-r--r-- | source4/auth/credentials/credentials_files.c | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index 31f645bc6c..cdf38dcfa8 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -182,6 +182,7 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, "secureChannelType", "ntPwdHash", "msDS-KeyVersionNumber", + "saltPrincipal", NULL }; @@ -191,6 +192,7 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, const char *domain; const char *realm; enum netr_SchannelType sct; + const char *salt_principal; /* ok, we are going to get it now, don't recurse back here */ cred->machine_account_pending = False; @@ -209,13 +211,13 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, &msgs, attrs, "%s", filter); if (ldb_ret == 0) { - DEBUG(1, ("Could not find join record to domain: %s\n", - cli_credentials_get_domain(cred))); + DEBUG(1, ("Could not find entry to match filter: %s\n", + filter)); talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } else if (ldb_ret != 1) { - DEBUG(1, ("Found more than one (%d) join records to domain: %s\n", - ldb_ret, cli_credentials_get_domain(cred))); + DEBUG(1, ("Found more than one (%d) entry to match filter: %s\n", + ldb_ret, filter)); talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } @@ -231,6 +233,9 @@ static NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, talloc_free(mem_ctx); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } + + salt_principal = ldb_msg_find_string(msgs[0], "saltPrincipal", NULL); + cli_credentials_set_salt_principal(cred, salt_principal); sct = ldb_msg_find_int(msgs[0], "secureChannelType", 0); if (sct) { |