From e7c48884a5c7e1f88ce2decf7d12db338ff8995e Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Wed, 13 Jul 2005 20:04:26 +0000 Subject: r8432: Fix #2077 - login to trusted domain doesn't allow home drive map and login scripts to be executed. We were filling in our name as the server which processed the login, even when it was done by a trusted DC. Thanks to John Janosik for the fix. (This used to be commit 0446319a3b8096df385978449ffaa231bc5cfd0c) --- source3/auth/auth_util.c | 3 +++ source3/include/auth.h | 2 ++ source3/rpc_server/srv_netlog_nt.c | 9 +++++++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index 49df15533a..6624631b53 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -1327,6 +1327,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx, return nt_status; } + (*server_info)->login_server = unistr2_tdup(mem_ctx, + &(info3->uni_logon_srv)); + (*server_info)->ptok = token; SAFE_FREE(lgroupSIDs); diff --git a/source3/include/auth.h b/source3/include/auth.h index 91751e7180..7282f4d38b 100644 --- a/source3/include/auth.h +++ b/source3/include/auth.h @@ -69,6 +69,8 @@ typedef struct auth_serversupplied_info DATA_BLOB user_session_key; DATA_BLOB lm_session_key; + + char *login_server; /* which server authorized the login? */ uint32 sam_fill_level; /* How far is this structure filled? */ diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index a6fe9ef31a..7880a724b5 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -764,8 +764,13 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * return NT_STATUS_UNSUCCESSFUL; } - pstrcpy(my_name, global_myname()); - + + if(server_info->login_server) { + pstrcpy(my_name, server_info->login_server); + } else { + pstrcpy(my_name, global_myname()); + } + if (!NT_STATUS_IS_OK(status = nt_token_to_group_list(p->mem_ctx, &domain_sid, -- cgit