summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/passdb/pdb_ipa.c16
-rw-r--r--source3/rpc_server/lsa/srv_lsa_nt.c4
2 files changed, 18 insertions, 2 deletions
diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c
index 3daa06e2a8..3108c5e1f0 100644
--- a/source3/passdb/pdb_ipa.c
+++ b/source3/passdb/pdb_ipa.c
@@ -812,6 +812,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
NTSTATUS status;
int ret;
char *princ;
+ const char *domain;
+ char *domain_with_dot;
dn = get_account_dn(pdb_get_username(sampass));
if (dn == NULL) {
@@ -823,6 +825,16 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
return NT_STATUS_NO_MEMORY;
}
+ domain = pdb_get_domain(sampass);
+ if (domain == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ domain_with_dot = talloc_asprintf(talloc_tos(), "%s.", domain);
+ if (domain_with_dot == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", LDAP_OBJ_KRB_PRINCIPAL);
smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -832,7 +844,7 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "ipaHost");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
- "fqdn", "dummy.dummy.dummy");
+ "fqdn", domain);
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "posixAccount");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
@@ -841,6 +853,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state,
"gidNumber", "12345");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"homeDirectory", "/dev/null");
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain_with_dot);
ret = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, true);
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index dee679eb79..9f05433631 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -1601,6 +1601,7 @@ NTSTATUS _lsa_OpenTrustedDomainByName(struct pipes_struct *p,
static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx,
const char *netbios_name,
+ const char *domain_name,
struct trustDomainPasswords auth_struct)
{
NTSTATUS status;
@@ -1625,7 +1626,7 @@ static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx,
return NT_STATUS_UNSUCCESSFUL;
}
- if (!pdb_set_domain(sam_acct, get_global_sam_name(), PDB_SET)) {
+ if (!pdb_set_domain(sam_acct, domain_name, PDB_SET)) {
return NT_STATUS_UNSUCCESSFUL;
}
@@ -1787,6 +1788,7 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p,
if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
status = add_trusted_domain_user(p->mem_ctx,
r->in.info->netbios_name.string,
+ r->in.info->domain_name.string,
auth_struct);
if (!NT_STATUS_IS_OK(status)) {
return status;