diff options
-rw-r--r-- | source3/libsmb/trust_passwd.c | 3 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_cm.c | 7 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 18 | ||||
-rw-r--r-- | source3/rpcclient/cmd_netlogon.c | 9 |
4 files changed, 25 insertions, 12 deletions
diff --git a/source3/libsmb/trust_passwd.c b/source3/libsmb/trust_passwd.c index fe6b673e39..d500cb3ab7 100644 --- a/source3/libsmb/trust_passwd.c +++ b/source3/libsmb/trust_passwd.c @@ -35,8 +35,7 @@ static NTSTATUS just_change_the_password(struct cli_state *cli, TALLOC_CTX *mem_ unsigned char new_trust_passwd_hash[16]) { NTSTATUS result; - result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, orig_trust_passwd_hash); + result = cli_nt_setup_creds(cli, get_sec_chan(), orig_trust_passwd_hash); if (!NT_STATUS_IS_OK(result)) { DEBUG(1,("just_change_the_password: unable to setup creds (%s)!\n", diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 2dec9f0558..ddab850cf0 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -870,8 +870,7 @@ NTSTATUS cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd, return result; } - result = cli_nt_setup_creds(conn->cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd); + result = cli_nt_setup_creds(conn->cli, get_sec_chan(), trust_passwd); if (!NT_STATUS_IS_OK(result)) { DEBUG(0, ("error connecting to domain password server: %s\n", @@ -884,8 +883,8 @@ NTSTATUS cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd, } /* Try again */ - result = cli_nt_setup_creds(conn->cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd); + result = cli_nt_setup_creds( + conn->cli, get_sec_chan(),trust_passwd); } if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 60048d189d..58ba32eb2e 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -152,6 +152,24 @@ password ?).\n", cli->desthost )); return result; } +/* Return the secure channel type depending on the server role. */ + +uint16 get_sec_chan(void) +{ + uint16 sec_chan = SEC_CHAN_WKSTA; + + switch (lp_server_role()) { + case ROLE_DOMAIN_PDC: + sec_chan = SEC_CHAN_DOMAIN; + break; + case ROLE_DOMAIN_BDC: + sec_chan = SEC_CHAN_BDC; + break; + } + + return sec_chan; +} + /* Initialize domain session credentials */ NTSTATUS cli_nt_setup_creds(struct cli_state *cli, diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 20fd069fbe..ffff1dab04 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -173,8 +173,7 @@ static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli, goto done; } - result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd); + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd); if (!NT_STATUS_IS_OK(result)) { fprintf(stderr, "Error initialising session creds\n"); @@ -237,8 +236,7 @@ static NTSTATUS cmd_netlogon_sam_deltas(struct cli_state *cli, goto done; } - result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd); + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd); if (!NT_STATUS_IS_OK(result)) { fprintf(stderr, "Error initialising session creds\n"); @@ -300,8 +298,7 @@ static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli, goto done; } - result = cli_nt_setup_creds(cli, (lp_server_role() == ROLE_DOMAIN_MEMBER) ? - SEC_CHAN_WKSTA : SEC_CHAN_BDC, trust_passwd); + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd); if (!NT_STATUS_IS_OK(result)) { fprintf(stderr, "Error initialising session creds\n"); |