diff options
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_ads.c | 49 | ||||
-rw-r--r-- | source3/utils/net_domain.c | 6 |
2 files changed, 25 insertions, 30 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index e1762da2f7..0f189f9c6f 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -819,6 +819,7 @@ static int net_ads_leave(int argc, const char **argv) struct cli_state *cli = NULL; TALLOC_CTX *ctx; DOM_SID *dom_sid = NULL; + char *short_domain_name = NULL; if (!secrets_init()) { DEBUG(1,("Failed to initialise secrets database\n")); @@ -845,15 +846,15 @@ static int net_ads_leave(int argc, const char **argv) goto done; } - saf_store( cli->server_domain, cli->desthost ); - - if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, &dom_sid )) ) { + if ( !NT_STATUS_IS_OK(netdom_get_domain_sid( ctx, cli, &short_domain_name, &dom_sid )) ) { goto done; } + saf_delete( short_domain_name ); + status = netdom_leave_domain(ctx, cli, dom_sid); - /* Ty and delete it via LDAP - the old way we used to. */ + /* Try and delete it via LDAP - the old way we used to. */ adsret = ads_leave_realm(ads, global_myname()); if (ADS_ERR_OK(adsret)) { @@ -962,7 +963,8 @@ static NTSTATUS check_ads_config( void ) ********************************************************************/ static NTSTATUS net_join_domain(TALLOC_CTX *ctx, const char *servername, - struct in_addr *ip, DOM_SID **dom_sid, + struct in_addr *ip, char **domain, + DOM_SID **dom_sid, const char *password) { NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; @@ -973,13 +975,16 @@ static NTSTATUS net_join_domain(TALLOC_CTX *ctx, const char *servername, goto done; } - saf_store( cli->server_domain, cli->desthost ); - - ret = netdom_get_domain_sid( ctx, cli, dom_sid ); + ret = netdom_get_domain_sid( ctx, cli, domain, dom_sid ); if ( !NT_STATUS_IS_OK(ret) ) { goto done; } + /* cli->server_domain is not filled in when using krb5 + session setups */ + + saf_store( *domain, cli->desthost ); + ret = netdom_join_domain( ctx, cli, *dom_sid, password, ND_TYPE_AD ); done: @@ -1331,9 +1336,8 @@ int net_ads_join(int argc, const char **argv) ADS_STATUS status; NTSTATUS nt_status; char *machine_account = NULL; - const char *short_domain_name = NULL; + char *short_domain_name = NULL; char *tmp_password, *password; - struct cldap_netlogon_reply cldap_reply; TALLOC_CTX *ctx = NULL; DOM_SID *domain_sid = NULL; BOOL createupn = False; @@ -1410,29 +1414,20 @@ int net_ads_join(int argc, const char **argv) password = talloc_strdup(ctx, tmp_password); nt_status = net_join_domain(ctx, ads->config.ldap_server_name, - &ads->ldap_ip, &domain_sid, password); + &ads->ldap_ip, &short_domain_name, &domain_sid, password); if ( !NT_STATUS_IS_OK(nt_status) ) { DEBUG(1, ("call of net_join_domain failed: %s\n", get_friendly_nt_error_msg(nt_status))); goto fail; } - + /* Check the short name of the domain */ - ZERO_STRUCT( cldap_reply ); - - if ( ads_cldap_netlogon( ads->config.ldap_server_name, - ads->server.realm, &cldap_reply ) ) - { - short_domain_name = talloc_strdup( ctx, cldap_reply.netbios_domain ); - if ( !strequal(lp_workgroup(), short_domain_name) ) { - d_printf("The workgroup in smb.conf does not match the short\n"); - d_printf("domain name obtained from the server.\n"); - d_printf("Using the name [%s] from the server.\n", short_domain_name); - d_printf("You should set \"workgroup = %s\" in smb.conf.\n", short_domain_name); - } - } else { - short_domain_name = lp_workgroup(); + if ( !strequal(lp_workgroup(), short_domain_name) ) { + d_printf("The workgroup in smb.conf does not match the short\n"); + d_printf("domain name obtained from the server.\n"); + d_printf("Using the name [%s] from the server.\n", short_domain_name); + d_printf("You should set \"workgroup = %s\" in smb.conf.\n", short_domain_name); } d_printf("Using short domain name -- %s\n", short_domain_name); @@ -1519,7 +1514,7 @@ int net_ads_join(int argc, const char **argv) /* exit from this block using machine creds */ #endif - d_printf("Joined '%s' to realm '%s'\n", global_myname(), ads->config.realm); + d_printf("Joined '%s' to realm '%s'\n", global_myname(), ads->server.realm); SAFE_FREE(machine_account); TALLOC_FREE( ctx ); diff --git a/source3/utils/net_domain.c b/source3/utils/net_domain.c index ab71d35fde..4f7bc8ddec 100644 --- a/source3/utils/net_domain.c +++ b/source3/utils/net_domain.c @@ -157,12 +157,12 @@ int netdom_store_machine_account( const char *domain, DOM_SID *sid, const char * /******************************************************************* ********************************************************************/ -NTSTATUS netdom_get_domain_sid( TALLOC_CTX *mem_ctx, struct cli_state *cli, DOM_SID **sid ) +NTSTATUS netdom_get_domain_sid( TALLOC_CTX *mem_ctx, struct cli_state *cli, + char **domain, DOM_SID **sid ) { struct rpc_pipe_client *pipe_hnd = NULL; POLICY_HND lsa_pol; NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - char *domain = NULL; if ( (pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &status)) == NULL ) { DEBUG(0, ("Error connecting to LSA pipe. Error was %s\n", @@ -176,7 +176,7 @@ NTSTATUS netdom_get_domain_sid( TALLOC_CTX *mem_ctx, struct cli_state *cli, DOM_ return status; status = rpccli_lsa_query_info_policy(pipe_hnd, mem_ctx, - &lsa_pol, 5, &domain, sid); + &lsa_pol, 5, domain, sid); if ( !NT_STATUS_IS_OK(status) ) return status; |