From f793c99ca54d62cb8142607e8449f5b5b3a5e79d Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 11 Dec 2007 13:05:44 +0100 Subject: Let get_trust_pw() determine the machine_account_name to use. Up to now each caller used its own logic. This eliminates code paths where there was a special treatment of the following situation: the domain given is not our workgroup (i.e. our own domain) and we are not a DC (i.e. it is not a typical trusted domain situation). In situation the given domain name was previously used as the machine account name, resulting in an account name of DOMAIN\\DOMAIN$, which does not seem very reasonable to me. get_trust_pw would not have obtained a password in this situation anyways. I hope I have not missed an important point here! Michael (This used to be commit 6ced4a7f88798dc449a667d63bc29bf6c569291f) --- source3/passdb/passdb.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) (limited to 'source3/passdb') diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 2a4d4c4a0a..f9b972da9b 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -1523,10 +1523,12 @@ bool pdb_increment_bad_password_count(struct samu *sampass) /******************************************************************* - Wrapper around retrieving the trust account password + Wrapper around retrieving the trust account password. + appropriate account name is stored in account_name. *******************************************************************/ -bool get_trust_pw(const char *domain, uint8 ret_pwd[16], uint32 *channel) +bool get_trust_pw(const char *domain, uint8 ret_pwd[16], + const char **account_name, uint32 *channel) { DOM_SID sid; char *pwd; @@ -1550,6 +1552,10 @@ bool get_trust_pw(const char *domain, uint8 ret_pwd[16], uint32 *channel) E_md4hash(pwd, ret_pwd); SAFE_FREE(pwd); + if (account_name != NULL) { + *account_name = lp_workgroup(); + } + return True; } @@ -1558,7 +1564,13 @@ bool get_trust_pw(const char *domain, uint8 ret_pwd[16], uint32 *channel) if (secrets_fetch_trust_account_password(domain, ret_pwd, &last_set_time, channel)) + { + if (account_name != NULL) { + *account_name = global_myname(); + } + return True; + } DEBUG(5, ("get_trust_pw: could not fetch trust account " "password for domain %s\n", domain)); -- cgit