diff options
author | Andrew Tridgell <tridge@samba.org> | 2010-08-17 18:24:29 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2010-08-17 21:21:51 +1000 |
commit | 2688375ffeba81ad635ca6bce175b1c849178482 (patch) | |
tree | f87cd25e7cc50ff3be5f72a123d681ecd7f61450 /source4/rpc_server/netlogon | |
parent | 82c171aa558c6b9ea0455915c9a2a2286498b8ea (diff) | |
download | samba-2688375ffeba81ad635ca6bce175b1c849178482.tar.gz samba-2688375ffeba81ad635ca6bce175b1c849178482.tar.bz2 samba-2688375ffeba81ad635ca6bce175b1c849178482.zip |
s4-netlogon: added SEC_CHAN_RODC
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index 9d8195aaad..5893bd4821 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -217,6 +217,11 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", user_account_control)); return NT_STATUS_ACCESS_DENIED; } + } else if (r->in.secure_channel_type == SEC_CHAN_RODC) { + if (!(user_account_control & UF_PARTIAL_SECRETS_ACCOUNT)) { + DEBUG(1, ("Client asked for a RODC secure channel, but is not a RODC: acb flags: 0x%x\n", user_account_control)); + return NT_STATUS_ACCESS_DENIED; + } } else { DEBUG(1, ("Client asked for an invalid secure channel type: %d\n", r->in.secure_channel_type)); |