summaryrefslogtreecommitdiff
path: root/source4/ldap_server
diff options
context:
space:
mode:
Diffstat (limited to 'source4/ldap_server')
-rw-r--r--source4/ldap_server/ldap_bind.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index e9d38ad93b..7a296d01ac 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -63,6 +63,7 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
DEBUG(10, ("BindSASL dn: %s\n",req->dn));
if (!call->conn->gensec) {
+ struct cli_credentials *server_credentials;
call->conn->session_info = NULL;
status = gensec_server_start(call->conn, &call->conn->gensec,
@@ -74,6 +75,23 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
gensec_set_target_service(call->conn->gensec, "ldap");
+ server_credentials
+ = cli_credentials_init(call);
+ if (!server_credentials) {
+ DEBUG(1, ("Failed to init server credentials\n"));
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ cli_credentials_set_conf(server_credentials);
+ status = cli_credentials_set_machine_account(server_credentials);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
+ talloc_free(server_credentials);
+ server_credentials = NULL;
+ }
+
+ gensec_set_credentials(call->conn->gensec, server_credentials);
+
gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN);
gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL);
gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_ASYNC_REPLIES);
generated by cgit (git 2.34.1) at 2025-02-20 09:00:34 +0000