From 850554084c32025c04f93cf5b9cf31088b93e68e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 8 Jun 2003 11:39:28 +0000 Subject: Make sure that we use schannel (if configured) when checking for a valid join to the DC. Andrew Bartlett (This used to be commit af526fa9b39ab1f8483d5cee66321bc12f78ac05) --- source3/utils/net_rpc_join.c | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index e389cf8ef8..fdb979a0e4 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -49,7 +49,6 @@ int net_rpc_join_ok(const char *domain) int retval = 1; uint32 channel; NTSTATUS result; - uint32 neg_flags = 0x000001ff; /* Connect to remote machine */ if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC))) { @@ -68,10 +67,12 @@ int net_rpc_join_ok(const char *domain) goto done; } - CHECK_RPC_ERR(cli_nt_setup_creds(cli, - channel, - stored_md4_trust_password, &neg_flags, 2), - "error in domain join verification"); + /* ensure that schannel uses the right domain */ + fstrcpy(cli->domain, domain); + if (! NT_STATUS_IS_OK(result = cli_nt_establish_netlogon(cli, channel, stored_md4_trust_password))) { + DEBUG(0,("Error in domain join verfication\n")); + goto done; + } retval = 0; /* Success! */ @@ -131,7 +132,6 @@ int net_rpc_join_newstyle(int argc, const char **argv) uint32 flags = 0x3e8; char *acct_name; const char *const_acct_name; - uint32 neg_flags = 0x000001ff; /* check what type of join */ if (argc >= 0) { @@ -315,11 +315,12 @@ int net_rpc_join_newstyle(int argc, const char **argv) goto done; } - CHECK_RPC_ERR(cli_nt_setup_creds(cli, - sec_channel_type, - md4_trust_password, &neg_flags, 2), - "error in domain join verification"); - + /* ensure that schannel uses the right domain */ + fstrcpy(cli->domain, domain); + CHECK_RPC_ERR(cli_nt_establish_netlogon(cli, sec_channel_type, + md4_trust_password), + "Error in domain join verfication\n"); + /* Now store the secret in the secrets database */ strupper(domain); @@ -366,7 +367,7 @@ done: **/ int net_rpc_testjoin(int argc, const char **argv) { - char *domain = smb_xstrdup(lp_workgroup()); + char *domain = smb_xstrdup(opt_target_workgroup); /* Display success or failure */ if (net_rpc_join_ok(domain) != 0) { -- cgit