From 1106d1fa6bab66592780429eb1e9162b42a67e8e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 27 Jul 2005 15:08:11 +0000 Subject: r8796: disable schannel on the lsa client pipe for now to deal with Windows 2003 sp1 and Windows 2000 SP4 SR1 (This used to be commit bc1443837c81bebbac7894075a15fe96338f8b0a) --- source3/nsswitch/winbindd_cm.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'source3/nsswitch') diff --git a/source3/nsswitch/winbindd_cm.c b/source3/nsswitch/winbindd_cm.c index 6400b23f9f..d4022a8455 100644 --- a/source3/nsswitch/winbindd_cm.c +++ b/source3/nsswitch/winbindd_cm.c @@ -1038,6 +1038,12 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, conn = &domain->conn; if (conn->lsa_pipe == NULL) { +#if 0 + /* disabling schannl on the LSA pipe for now since + both Win2K-SP4 SR1 & Win2K3-SP1 fail the open_policy() + call (return codes 0xc0020042 and 0xc0020041 respectively). + We really need to fix this soon. --jerry */ + unsigned char *session_key; if (cm_get_schannel_key(domain, mem_ctx, &session_key)) @@ -1046,6 +1052,7 @@ NTSTATUS cm_connect_lsa(struct winbindd_domain *domain, TALLOC_CTX *mem_ctx, session_key, domain->name); else +#endif conn->lsa_pipe = cli_rpc_open_noauth(conn->cli, PI_LSARPC); -- cgit