From 256a872763f1a5811cf021612b89517433faf5a2 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Fri, 28 Oct 2005 05:14:51 +0000
Subject: r11356: More cracknames work. This copes with a lookup for a
 servicePrincipalName with a realm, which always returns 'domain only', with
 the realm as the domain.

Andrew Bartlett
(This used to be commit 476cd0c649d69f682dee27c1ae2a73b870b300d0)
---
 source4/dsdb/samdb/cracknames.c | 22 +++++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c
index b5c10176b6..16afccda81 100644
--- a/source4/dsdb/samdb/cracknames.c
+++ b/source4/dsdb/samdb/cracknames.c
@@ -408,7 +408,27 @@ WERROR DsCrackNameOneName(struct ldb_context *sam_ctx, TALLOC_CTX *mem_ctx,
 		krb5_principal principal;
 		char *unparsed_name_short;
 		ret = krb5_parse_name_norealm(smb_krb5_context->krb5_context, name, &principal);
-		if (ret || (principal->name.name_string.len < 2)) {
+		if (ret) {
+			/* perhaps it's a principal with a realm, so return the right 'domain only' response */
+			char **realm;
+			ret = krb5_parse_name_mustrealm(smb_krb5_context->krb5_context, name, &principal);
+			if (ret) {
+				info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
+				return WERR_OK;
+			}
+				
+			/* This isn't an allocation assignemnt, so it is free'ed with the krb5_free_principal */
+			realm = krb5_princ_realm(smb_krb5_context->krb5_context, principal);
+
+			info1->dns_domain_name	= talloc_strdup(info1, *realm);
+			krb5_free_principal(smb_krb5_context->krb5_context, principal);
+	
+			WERR_TALLOC_CHECK(info1->dns_domain_name);
+
+			info1->status = DRSUAPI_DS_NAME_STATUS_DOMAIN_ONLY;
+			return WERR_OK;
+			
+		} else if (principal->name.name_string.len < 2) {
 			info1->status = DRSUAPI_DS_NAME_STATUS_NOT_FOUND;
 			return WERR_OK;
 		}
-- 
cgit