diff options
-rw-r--r-- | libcli/auth/credentials.h | 2 | ||||
-rw-r--r-- | source4/librpc/rpc/dcerpc_schannel.c | 9 |
2 files changed, 5 insertions, 6 deletions
diff --git a/libcli/auth/credentials.h b/libcli/auth/credentials.h index 47582ef73a..7b8fac6715 100644 --- a/libcli/auth/credentials.h +++ b/libcli/auth/credentials.h @@ -68,5 +68,3 @@ #define NETLOGON_NEG_AUTH2_ADS_FLAGS (0x200fbffb | NETLOGON_NEG_ARCFOUR | NETLOGON_NEG_128BIT | NETLOGON_NEG_SCHANNEL) -#define NETLOGON_NEG_AUTH2_RODC_FLAGS (NETLOGON_NEG_AUTH2_ADS_FLAGS | NETLOGON_NEG_RODC_PASSTHROUGH) - diff --git a/source4/librpc/rpc/dcerpc_schannel.c b/source4/librpc/rpc/dcerpc_schannel.c index 1655e6bad0..3a3dec068b 100644 --- a/source4/librpc/rpc/dcerpc_schannel.c +++ b/source4/librpc/rpc/dcerpc_schannel.c @@ -321,10 +321,6 @@ struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, s->local_negotiate_flags = NETLOGON_NEG_AUTH2_FLAGS; /* allocate credentials */ - /* type of authentication depends on schannel type */ - if (schannel_type == SEC_CHAN_RODC) { - s->local_negotiate_flags = NETLOGON_NEG_AUTH2_RODC_FLAGS; - } if (s->pipe->conn->flags & DCERPC_SCHANNEL_128) { s->local_negotiate_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; } @@ -333,6 +329,11 @@ struct composite_context *dcerpc_schannel_key_send(TALLOC_CTX *mem_ctx, s->dcerpc_schannel_auto = true; } + /* type of authentication depends on schannel type */ + if (schannel_type == SEC_CHAN_RODC) { + s->local_negotiate_flags |= NETLOGON_NEG_RODC_PASSTHROUGH; + } + /* allocate binding structure */ s->binding = talloc_zero(c, struct dcerpc_binding); if (composite_nomem(s->binding, c)) return c; |