summaryrefslogtreecommitdiff
path: root/source4/rpc_server/netlogon
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2010-08-17 18:24:29 +1000
committerAndrew Tridgell <tridge@samba.org>2010-08-17 21:21:51 +1000
commit2688375ffeba81ad635ca6bce175b1c849178482 (patch)
treef87cd25e7cc50ff3be5f72a123d681ecd7f61450 /source4/rpc_server/netlogon
parent82c171aa558c6b9ea0455915c9a2a2286498b8ea (diff)
downloadsamba-2688375ffeba81ad635ca6bce175b1c849178482.tar.gz
samba-2688375ffeba81ad635ca6bce175b1c849178482.tar.bz2
samba-2688375ffeba81ad635ca6bce175b1c849178482.zip
s4-netlogon: added SEC_CHAN_RODC
This seems to be equivalent to SEC_CHAN_BDC, but for RODCs
Diffstat (limited to 'source4/rpc_server/netlogon')
-rw-r--r--source4/rpc_server/netlogon/dcerpc_netlogon.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 9d8195aaad..5893bd4821 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -217,6 +217,11 @@ static NTSTATUS dcesrv_netr_ServerAuthenticate3(struct dcesrv_call_state *dce_ca
DEBUG(1, ("Client asked for a server secure channel, but is not a server (domain controller): acb flags: 0x%x\n", user_account_control));
return NT_STATUS_ACCESS_DENIED;
}
+ } else if (r->in.secure_channel_type == SEC_CHAN_RODC) {
+ if (!(user_account_control & UF_PARTIAL_SECRETS_ACCOUNT)) {
+ DEBUG(1, ("Client asked for a RODC secure channel, but is not a RODC: acb flags: 0x%x\n", user_account_control));
+ return NT_STATUS_ACCESS_DENIED;
+ }
} else {
DEBUG(1, ("Client asked for an invalid secure channel type: %d\n",
r->in.secure_channel_type));