diff options
| -rw-r--r-- | source4/auth/auth_util.c | 20 | ||||
| -rw-r--r-- | source4/lib/ldb/ldb_ildap/ldb_ildap.c | 10 |
2 files changed, 28 insertions, 2 deletions
diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index df4e510c2f..95d1ddb2fc 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -553,6 +553,14 @@ NTSTATUS auth_anonymous_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + cli_credentials_set_anonymous(session_info->credentials); + *_session_info = session_info; return NT_STATUS_OK; @@ -590,6 +598,18 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx, NT_STATUS_NOT_OK_RETURN(nt_status); + session_info->credentials = cli_credentials_init(session_info); + if (!session_info->credentials) { + return NT_STATUS_NO_MEMORY; + } + + cli_credentials_set_conf(session_info->credentials); + if (!NT_STATUS_IS_OK(cli_credentials_set_machine_account(session_info->credentials))) { + /* perhaps no credentials, we might not be joined to a domain */ + talloc_free(session_info->credentials); + session_info->credentials = NULL; + } + *_session_info = session_info; return NT_STATUS_OK; diff --git a/source4/lib/ldb/ldb_ildap/ldb_ildap.c b/source4/lib/ldb/ldb_ildap/ldb_ildap.c index 5fc326b425..06ff79b9a0 100644 --- a/source4/lib/ldb/ldb_ildap/ldb_ildap.c +++ b/source4/lib/ldb/ldb_ildap/ldb_ildap.c @@ -36,6 +36,7 @@ #include "libcli/ldap/ldap.h" #include "libcli/ldap/ldap_client.h" #include "lib/cmdline/popt_common.h" +#include "auth/auth.h" struct ildb_private { struct ldap_connection *ldap; @@ -459,9 +460,14 @@ int ildb_connect(struct ldb_context *ldb, const char *url, ldb->modules->ops = &ildb_ops; /* caller can optionally setup credentials using the opaque token 'credentials' */ - creds = ldb_get_opaque(ldb, "credentials"); + creds = talloc_get_type(ldb_get_opaque(ldb, "credentials"), struct cli_credentials); if (creds == NULL) { - creds = cmdline_credentials; + struct auth_session_info *session_info = talloc_get_type(ldb_get_opaque(ldb, "sessionInfo"), struct auth_session_info); + if (session_info && session_info->credentials) { + creds = session_info->credentials; + } else { + creds = cmdline_credentials; + } } if (creds != NULL && cli_credentials_authentication_requested(creds)) { |