From 1f3f75f747cc6388013360bff06574f3299090d3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 29 Sep 2010 16:35:52 -0700 Subject: s4-samldb: also set a password on the krbtgt_NNNN account when we setup the krbtgt_NNNN account using the DCPROMO_OID control, we also need to set an initial password for this account Pair-Programmed-With: Andrew Bartlett --- source4/dsdb/samdb/ldb_modules/samldb.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/source4/dsdb/samdb/ldb_modules/samldb.c b/source4/dsdb/samdb/ldb_modules/samldb.c index 269952a896..06f70a5311 100644 --- a/source4/dsdb/samdb/ldb_modules/samldb.c +++ b/source4/dsdb/samdb/ldb_modules/samldb.c @@ -361,6 +361,7 @@ static int samldb_rodc_add(struct samldb_ctx *ac) struct ldb_context *ldb = ldb_module_get_ctx(ac->module); unsigned krbtgt_number, i_start, i; int ret; + char *newpass; /* find a unused msDC-SecondaryKrbTgtNumber */ i_start = generate_random() & 0xFFFF; @@ -402,6 +403,16 @@ found: return ldb_operr(ldb); } + newpass = generate_random_password(ac, 128, 255); + if (newpass == NULL) { + return ldb_operr(ldb); + } + + ret = ldb_msg_add_steal_string(ac->msg, "clearTextPassword", newpass); + if (ret != LDB_SUCCESS) { + return ldb_operr(ldb); + } + return samldb_next_step(ac); } -- cgit