From 211f6d5f557c7a737f3ccc1b4ef592c0ea8d7b94 Mon Sep 17 00:00:00 2001
From: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>
Date: Fri, 5 Nov 2010 00:00:13 +0200
Subject: s4/auth: Add logon_parameters to authenticate_username_pw

We need to be able to set the logon parameters in the same way as in the
ntlm server so we can handle openldap simple authentication call correctly.

Autobuild-User: Anatoliy Atanasov <anatoliy@samba.org>
Autobuild-Date: Fri Nov  5 06:32:43 UTC 2010 on sn-devel-104
---
 source4/auth/auth.h             | 15 ++++++++-------
 source4/auth/ntlm/auth_simple.c |  5 ++++-
 source4/ldap_server/ldap_bind.c |  2 ++
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/source4/auth/auth.h b/source4/auth/auth.h
index 2f0af027bc..0f6386fb7a 100644
--- a/source4/auth/auth.h
+++ b/source4/auth/auth.h
@@ -248,13 +248,14 @@ NTSTATUS auth_init(void);
 NTSTATUS auth_register(const struct auth_operations *ops);
 NTSTATUS server_service_auth_init(void);
 NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
-					   struct tevent_context *ev,
-					   struct messaging_context *msg,
-					   struct loadparm_context *lp_ctx,
-					   const char *nt4_domain,
-					   const char *nt4_username,
-					   const char *password,
-					   struct auth_session_info **session_info);
+				  struct tevent_context *ev,
+				  struct messaging_context *msg,
+				  struct loadparm_context *lp_ctx,
+				  const char *nt4_domain,
+				  const char *nt4_username,
+				  const char *password,
+				  const uint32_t logon_parameters,
+				  struct auth_session_info **session_info);
 
 struct tevent_req *auth_check_password_send(TALLOC_CTX *mem_ctx,
 					    struct tevent_context *ev,
diff --git a/source4/auth/ntlm/auth_simple.c b/source4/auth/ntlm/auth_simple.c
index 65a08cd92b..1079fba527 100644
--- a/source4/auth/ntlm/auth_simple.c
+++ b/source4/auth/ntlm/auth_simple.c
@@ -35,6 +35,7 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
 					   const char *nt4_domain,
 					   const char *nt4_username,
 					   const char *password,
+					   const uint32_t logon_parameters,
 					   struct auth_session_info **session_info) 
 {
 	struct auth_context *auth_context;
@@ -78,7 +79,9 @@ _PUBLIC_ NTSTATUS authenticate_username_pw(TALLOC_CTX *mem_ctx,
 	user_info->flags = USER_INFO_CASE_INSENSITIVE_USERNAME |
 		USER_INFO_DONT_CHECK_UNIX_ACCOUNT;
 
-	user_info->logon_parameters = 0;
+	user_info->logon_parameters = logon_parameters |
+		MSV1_0_CLEARTEXT_PASSWORD_ALLOWED |
+		MSV1_0_CLEARTEXT_PASSWORD_SUPPLIED;
 
 	nt_status = auth_check_password(auth_context, tmp_ctx, user_info, &server_info);
 	if (!NT_STATUS_IS_OK(nt_status)) {
diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index 5036353a4b..25be4802d6 100644
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -53,6 +53,8 @@ static NTSTATUS ldapsrv_BindSimple(struct ldapsrv_call *call)
 						  call->conn->lp_ctx,
 						  nt4_domain, nt4_account, 
 						  req->creds.password,
+						  MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT |
+						  MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT,
 						  &session_info);
 	}
 
-- 
cgit