diff options
-rw-r--r-- | source3/passdb/pdb_ipa.c | 16 | ||||
-rw-r--r-- | source3/rpc_server/lsa/srv_lsa_nt.c | 4 |
2 files changed, 18 insertions, 2 deletions
diff --git a/source3/passdb/pdb_ipa.c b/source3/passdb/pdb_ipa.c index 3daa06e2a8..3108c5e1f0 100644 --- a/source3/passdb/pdb_ipa.c +++ b/source3/passdb/pdb_ipa.c @@ -812,6 +812,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state, NTSTATUS status; int ret; char *princ; + const char *domain; + char *domain_with_dot; dn = get_account_dn(pdb_get_username(sampass)); if (dn == NULL) { @@ -823,6 +825,16 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state, return NT_STATUS_NO_MEMORY; } + domain = pdb_get_domain(sampass); + if (domain == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + domain_with_dot = talloc_asprintf(talloc_tos(), "%s.", domain); + if (domain_with_dot == NULL) { + return NT_STATUS_NO_MEMORY; + } + smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", LDAP_OBJ_KRB_PRINCIPAL); smbldap_set_mod(&mods, LDAP_MOD_ADD, @@ -832,7 +844,7 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state, smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", "ipaHost"); smbldap_set_mod(&mods, LDAP_MOD_ADD, - "fqdn", "dummy.dummy.dummy"); + "fqdn", domain); smbldap_set_mod(&mods, LDAP_MOD_ADD, "objectclass", "posixAccount"); smbldap_set_mod(&mods, LDAP_MOD_ADD, @@ -841,6 +853,8 @@ static NTSTATUS ipasam_add_objectclasses(struct ldapsam_privates *ldap_state, "gidNumber", "12345"); smbldap_set_mod(&mods, LDAP_MOD_ADD, "homeDirectory", "/dev/null"); + smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain); + smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain_with_dot); ret = smbldap_modify(ldap_state->smbldap_state, dn, mods); ldap_mods_free(mods, true); diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c index dee679eb79..9f05433631 100644 --- a/source3/rpc_server/lsa/srv_lsa_nt.c +++ b/source3/rpc_server/lsa/srv_lsa_nt.c @@ -1601,6 +1601,7 @@ NTSTATUS _lsa_OpenTrustedDomainByName(struct pipes_struct *p, static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx, const char *netbios_name, + const char *domain_name, struct trustDomainPasswords auth_struct) { NTSTATUS status; @@ -1625,7 +1626,7 @@ static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx, return NT_STATUS_UNSUCCESSFUL; } - if (!pdb_set_domain(sam_acct, get_global_sam_name(), PDB_SET)) { + if (!pdb_set_domain(sam_acct, domain_name, PDB_SET)) { return NT_STATUS_UNSUCCESSFUL; } @@ -1787,6 +1788,7 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) { status = add_trusted_domain_user(p->mem_ctx, r->in.info->netbios_name.string, + r->in.info->domain_name.string, auth_struct); if (!NT_STATUS_IS_OK(status)) { return status; |