r12227: I realised that I wasn't yet seeing authenticated LDAP for the ldb

backend.

The idea is that every time we open an LDB, we can provide a
session_info and/or credentials.  This would allow any ldb to be remote
to LDAP.  We should also support provisioning to a authenticated ldap
server.

(They are separate so we can say authenticate as foo for remote, but
here we just want a token of SYSTEM).

Andrew Bartlett
(This used to be commit ae2f3a64ee0b07575624120db45299c65204210b)

1 files changed, 4 insertions, 3 deletions

diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index 1530a9f6a8..08bd9aa680 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -396,7 +396,8 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	remote_ldb = ldb_wrap_connect(tmp_ctx, remote_ldb_url, 0, NULL);
+	remote_ldb = ldb_wrap_connect(tmp_ctx, remote_ldb_url, 
+				      NULL, ctx->cred, 0, NULL);
 	if (!remote_ldb) {
 		r->out.error_string = NULL;
 		talloc_free(tmp_ctx);
@@ -1131,7 +1132,7 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
 		}
 	}
 
-	account_name = talloc_asprintf(tmp_mem, "%s$", netbios_name);			
+	account_name = talloc_asprintf(tmp_mem, "%s$", netbios_name);
 	if (!account_name) {
 		r->out.error_string = NULL;
 		talloc_free(tmp_mem);
@@ -1142,7 +1143,7 @@ static NTSTATUS libnet_Join_primary_domain(struct libnet_context *ctx,
 	 * Local secrets are stored in secrets.ldb 
 	 * open it to make sure we can write the info into it after the join
 	 */
-	ldb = secrets_db_connect(tmp_mem);						
+	ldb = secrets_db_connect(tmp_mem);
 	if (!ldb) {
 		r->out.error_string
 			= talloc_asprintf(mem_ctx,