diff options
Diffstat (limited to 'source3/smbd/negprot.c')
-rw-r--r-- | source3/smbd/negprot.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 16427b00d7..2be04fd686 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -170,9 +170,9 @@ static int negprot_spnego(char *p) DATA_BLOB blob; extern pstring global_myname; uint8 guid[16]; - const char *OIDs_krb5[] = {OID_KERBEROS5, + const char *OIDs_krb5[] = {OID_NTLMSSP, + OID_KERBEROS5, OID_KERBEROS5_OLD, - OID_NTLMSSP, NULL}; const char *OIDs_plain[] = {OID_NTLMSSP, NULL}; char *principal; @@ -199,7 +199,9 @@ static int negprot_spnego(char *p) if (lp_security() != SEC_ADS) { blob = spnego_gen_negTokenInit(guid, OIDs_plain, "NONE"); } else { - asprintf(&principal, "%s$@%s", guid, lp_realm()); + /* win2000 uses host$@REALM, which we will probably use eventually, + but for now this works */ + asprintf(&principal, "HOST/%s@%s", guid, lp_realm()); blob = spnego_gen_negTokenInit(guid, OIDs_krb5, principal); free(principal); } @@ -237,11 +239,7 @@ static int reply_nt1(char *inbuf, char *outbuf) capabilities |= CAP_EXTENDED_SECURITY; } - capabilities |= CAP_NT_SMBS|CAP_RPC_REMOTE_APIS; - - if (lp_unix_extensions()) { - capabilities |= CAP_UNIX; - } + capabilities |= CAP_NT_SMBS|CAP_RPC_REMOTE_APIS|CAP_UNIX; if (lp_large_readwrite() && (SMB_OFF_T_BITS == 64)) capabilities |= CAP_LARGE_READX|CAP_LARGE_WRITEX|CAP_W2K_SMBS; |