summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libsmb/trust_passwd.c3
-rw-r--r--source3/nsswitch/winbindd_cm.c7
-rw-r--r--source3/rpc_client/cli_netlogon.c18
-rw-r--r--source3/rpcclient/cmd_netlogon.c9
4 files changed, 25 insertions, 12 deletions
diff --git a/source3/libsmb/trust_passwd.c b/source3/libsmb/trust_passwd.c
index fe6b673e39..d500cb3ab7 100644
--- a/source3/libsmb/trust_passwd.c
+++ b/source3/libsmb/trust_passwd.c
@@ -35,8 +35,7 @@ static NTSTATUS just_change_the_password(struct cli_state *cli, TALLOC_CTX *mem_
unsigned char new_trust_passwd_hash[16])
{
NTSTATUS result;
- result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, orig_trust_passwd_hash);
+ result = cli_nt_setup_creds(cli, get_sec_chan(), orig_trust_passwd_hash);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(1,("just_change_the_password: unable to setup creds (%s)!\n",
diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c
index 2dec9f0558..ddab850cf0 100644
--- a/source3/nsswitch/winbindd_cm.c
+++ b/source3/nsswitch/winbindd_cm.c
@@ -870,8 +870,7 @@ NTSTATUS cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd,
return result;
}
- result = cli_nt_setup_creds(conn->cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd);
+ result = cli_nt_setup_creds(conn->cli, get_sec_chan(), trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("error connecting to domain password server: %s\n",
@@ -884,8 +883,8 @@ NTSTATUS cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd,
}
/* Try again */
- result = cli_nt_setup_creds(conn->cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd);
+ result = cli_nt_setup_creds(
+ conn->cli, get_sec_chan(),trust_passwd);
}
if (!NT_STATUS_IS_OK(result)) {
diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c
index 60048d189d..58ba32eb2e 100644
--- a/source3/rpc_client/cli_netlogon.c
+++ b/source3/rpc_client/cli_netlogon.c
@@ -152,6 +152,24 @@ password ?).\n", cli->desthost ));
return result;
}
+/* Return the secure channel type depending on the server role. */
+
+uint16 get_sec_chan(void)
+{
+ uint16 sec_chan = SEC_CHAN_WKSTA;
+
+ switch (lp_server_role()) {
+ case ROLE_DOMAIN_PDC:
+ sec_chan = SEC_CHAN_DOMAIN;
+ break;
+ case ROLE_DOMAIN_BDC:
+ sec_chan = SEC_CHAN_BDC;
+ break;
+ }
+
+ return sec_chan;
+}
+
/* Initialize domain session credentials */
NTSTATUS cli_nt_setup_creds(struct cli_state *cli,
diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c
index 20fd069fbe..ffff1dab04 100644
--- a/source3/rpcclient/cmd_netlogon.c
+++ b/source3/rpcclient/cmd_netlogon.c
@@ -173,8 +173,7 @@ static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli,
goto done;
}
- result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd);
+ result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
@@ -237,8 +236,7 @@ static NTSTATUS cmd_netlogon_sam_deltas(struct cli_state *cli,
goto done;
}
- result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd);
+ result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
@@ -300,8 +298,7 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli,
goto done;
}
- result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ?
- SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd);
+ result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");