summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/libnet/libnet_join.c70
-rw-r--r--source3/utils/net_ads.c18
2 files changed, 68 insertions, 20 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index 90cb64c5d6..16a7ea4566 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -1414,13 +1414,6 @@ static WERROR libnet_join_pre_processing(TALLOC_CTX *mem_ctx,
return WERR_INVALID_PARAM;
}
- if (r->in.modify_config && !lp_config_backend_is_registry()) {
- libnet_join_set_error_string(mem_ctx, r,
- "Configuration manipulation requested but not "
- "supported by backend");
- return WERR_NOT_SUPPORTED;
- }
-
if (IS_DC) {
return WERR_SETUP_DOMAIN_CONTROLLER;
}
@@ -1564,6 +1557,57 @@ WERROR libnet_init_UnjoinCtx(TALLOC_CTX *mem_ctx,
/****************************************************************
****************************************************************/
+static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r)
+{
+ /* check if configuration is already set correctly */
+
+ switch (r->out.domain_is_ad) {
+ case false:
+ if ((strequal(lp_workgroup(),
+ r->out.netbios_domain_name)) &&
+ (lp_security() == SEC_DOMAIN)) {
+ /* nothing to be done */
+ return WERR_OK;
+ }
+ break;
+ case true:
+ if ((strequal(lp_workgroup(),
+ r->out.netbios_domain_name)) &&
+ (strequal(lp_realm(),
+ r->out.dns_domain_name)) &&
+ ((lp_security() == SEC_ADS) ||
+ (lp_security() == SEC_DOMAIN))) {
+ /* nothing to be done */
+ return WERR_OK;
+ }
+ break;
+ }
+
+ /* check if we are supposed to manipulate configuration */
+
+ if (!r->in.modify_config) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "Invalid configuration and configuration modification "
+ "was not requested");
+ return WERR_CAN_NOT_COMPLETE;
+ }
+
+ /* check if we are able to manipulate configuration */
+
+ if (!lp_config_backend_is_registry()) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "Configuration manipulation requested but not "
+ "supported by backend");
+ return WERR_NOT_SUPPORTED;
+ }
+
+ return WERR_OK;
+}
+
+/****************************************************************
+****************************************************************/
+
static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
struct libnet_JoinCtx *r)
{
@@ -1626,6 +1670,11 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
return ntstatus_to_werror(status);
}
+ werr = libnet_join_check_config(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto done;
+ }
+
status = libnet_join_joindomain_rpc(mem_ctx, r, cli);
if (!NT_STATUS_IS_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
@@ -1804,13 +1853,6 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx,
return WERR_INVALID_PARAM;
}
- if (r->in.modify_config && !lp_config_backend_is_registry()) {
- libnet_unjoin_set_error_string(mem_ctx, r,
- "Configuration manipulation requested but not "
- "supported by backend");
- return WERR_NOT_SUPPORTED;
- }
-
if (IS_DC) {
return WERR_SETUP_DOMAIN_CONTROLLER;
}
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 50e5b3752b..88051ec4a1 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -839,6 +839,7 @@ static int net_ads_leave(int argc, const char **argv)
r->in.domain_name = lp_realm();
r->in.admin_account = opt_user_name;
r->in.admin_password = net_prompt_pass(opt_user_name);
+ r->in.modify_config = lp_config_backend_is_registry();
r->in.unjoin_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE;
@@ -1111,11 +1112,15 @@ int net_ads_join(int argc, const char **argv)
int i;
const char *os_name = NULL;
const char *os_version = NULL;
+ bool modify_config = lp_config_backend_is_registry();
- werr = check_ads_config();
- if (!W_ERROR_IS_OK(werr)) {
- d_fprintf(stderr, "Invalid configuration. Exiting....\n");
- goto fail;
+ if (!modify_config) {
+
+ werr = check_ads_config();
+ if (!W_ERROR_IS_OK(werr)) {
+ d_fprintf(stderr, "Invalid configuration. Exiting....\n");
+ goto fail;
+ }
}
if (!(ctx = talloc_init("net_ads_join"))) {
@@ -1182,6 +1187,7 @@ int net_ads_join(int argc, const char **argv)
r->in.admin_account = opt_user_name;
r->in.admin_password = net_prompt_pass(opt_user_name);
r->in.debug = true;
+ r->in.modify_config = modify_config;
r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED;
@@ -1217,8 +1223,8 @@ int net_ads_join(int argc, const char **argv)
use_in_memory_ccache();
asprintf( &ads_dns->auth.user_name, "%s$", global_myname() );
ads_dns->auth.password = secrets_fetch_machine_password(
- lp_workgroup(), NULL, NULL );
- ads_dns->auth.realm = SMB_STRDUP( lp_realm() );
+ r->out.netbios_domain_name, NULL, NULL );
+ ads_dns->auth.realm = SMB_STRDUP( r->out.dns_domain_name );
ads_kinit_password( ads_dns );
}