diff options
-rw-r--r-- | source3/libnet/libnet_join.c | 70 | ||||
-rw-r--r-- | source3/utils/net_ads.c | 18 |
2 files changed, 68 insertions, 20 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 90cb64c5d6..16a7ea4566 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -1414,13 +1414,6 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx, return WERR_INVALID_PARAM; } - if (r->in.modify_config && !lp_config_backend_is_registry()) { - libnet_join_set_error_string(mem_ctx, r, - "Configuration manipulation requested but not " - "supported by backend"); - return WERR_NOT_SUPPORTED; - } - if (IS_DC) { return WERR_SETUP_DOMAIN_CONTROLLER; } @@ -1564,6 +1557,57 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx, /**************************************************************** ****************************************************************/ +static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx, + struct libnet_JoinCtx *r) +{ + /* check if configuration is already set correctly */ + + switch (r->out.domain_is_ad) { + case false: + if ((strequal(lp_workgroup(), + r->out.netbios_domain_name)) && + (lp_security() == SEC_DOMAIN)) { + /* nothing to be done */ + return WERR_OK; + } + break; + case true: + if ((strequal(lp_workgroup(), + r->out.netbios_domain_name)) && + (strequal(lp_realm(), + r->out.dns_domain_name)) && + ((lp_security() == SEC_ADS) || + (lp_security() == SEC_DOMAIN))) { + /* nothing to be done */ + return WERR_OK; + } + break; + } + + /* check if we are supposed to manipulate configuration */ + + if (!r->in.modify_config) { + libnet_join_set_error_string(mem_ctx, r, + "Invalid configuration and configuration modification " + "was not requested"); + return WERR_CAN_NOT_COMPLETE; + } + + /* check if we are able to manipulate configuration */ + + if (!lp_config_backend_is_registry()) { + libnet_join_set_error_string(mem_ctx, r, + "Configuration manipulation requested but not " + "supported by backend"); + return WERR_NOT_SUPPORTED; + } + + return WERR_OK; +} + +/**************************************************************** +****************************************************************/ + static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, struct libnet_JoinCtx *r) { @@ -1626,6 +1670,11 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, return ntstatus_to_werror(status); } + werr = libnet_join_check_config(mem_ctx, r); + if (!W_ERROR_IS_OK(werr)) { + goto done; + } + status = libnet_join_joindomain_rpc(mem_ctx, r, cli); if (!NT_STATUS_IS_OK(status)) { libnet_join_set_error_string(mem_ctx, r, @@ -1804,13 +1853,6 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx, return WERR_INVALID_PARAM; } - if (r->in.modify_config && !lp_config_backend_is_registry()) { - libnet_unjoin_set_error_string(mem_ctx, r, - "Configuration manipulation requested but not " - "supported by backend"); - return WERR_NOT_SUPPORTED; - } - if (IS_DC) { return WERR_SETUP_DOMAIN_CONTROLLER; } diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 50e5b3752b..88051ec4a1 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -839,6 +839,7 @@ static int net_ads_leave(int argc, const char **argv) r->in.domain_name = lp_realm(); r->in.admin_account = opt_user_name; r->in.admin_password = net_prompt_pass(opt_user_name); + r->in.modify_config = lp_config_backend_is_registry(); r->in.unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE; @@ -1111,11 +1112,15 @@ int net_ads_join(int argc, const char **argv) int i; const char *os_name = NULL; const char *os_version = NULL; + bool modify_config = lp_config_backend_is_registry(); - werr = check_ads_config(); - if (!W_ERROR_IS_OK(werr)) { - d_fprintf(stderr, "Invalid configuration. Exiting....\n"); - goto fail; + if (!modify_config) { + + werr = check_ads_config(); + if (!W_ERROR_IS_OK(werr)) { + d_fprintf(stderr, "Invalid configuration. Exiting....\n"); + goto fail; + } } if (!(ctx = talloc_init("net_ads_join"))) { @@ -1182,6 +1187,7 @@ int net_ads_join(int argc, const char **argv) r->in.admin_account = opt_user_name; r->in.admin_password = net_prompt_pass(opt_user_name); r->in.debug = true; + r->in.modify_config = modify_config; r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE | WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE | WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED; @@ -1217,8 +1223,8 @@ int net_ads_join(int argc, const char **argv) use_in_memory_ccache(); asprintf( &ads_dns->auth.user_name, "%s$", global_myname() ); ads_dns->auth.password = secrets_fetch_machine_password( - lp_workgroup(), NULL, NULL ); - ads_dns->auth.realm = SMB_STRDUP( lp_realm() ); + r->out.netbios_domain_name, NULL, NULL ); + ads_dns->auth.realm = SMB_STRDUP( r->out.dns_domain_name ); ads_kinit_password( ads_dns ); } |