From 362ff066903524c710c53b92aad26671c8ebaa42 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 28 Aug 2007 04:35:29 +0000 Subject: r24730: Allow secrets entries to be for service principals. Andrew Bartlett (This used to be commit 7865d10a299a84ed42de4435b7e6400d56161ac5) --- source4/auth/credentials/credentials_files.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source4/auth/credentials') diff --git a/source4/auth/credentials/credentials_files.c b/source4/auth/credentials/credentials_files.c index 7bf94de12f..2b6bc4f9d6 100644 --- a/source4/auth/credentials/credentials_files.c +++ b/source4/auth/credentials/credentials_files.c @@ -188,6 +188,7 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, "saltPrincipal", "privateKeytab", "krb5Keytab", + "servicePrincipalName", NULL }; @@ -246,12 +247,16 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred, machine_account = ldb_msg_find_attr_as_string(msgs[0], "samAccountName", NULL); if (!machine_account) { - DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s: filter: '%s' base: '%s'\n", - cli_credentials_get_domain(cred), filter, base)); - /* set anonymous as the fallback, if the machine account won't work */ - cli_credentials_set_anonymous(cred); - talloc_free(mem_ctx); - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + machine_account = ldb_msg_find_attr_as_string(msgs[0], "servicePrincipalName", NULL); + + if (!machine_account) { + DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s: filter: '%s' base: '%s'\n", + cli_credentials_get_domain(cred), filter, base)); + /* set anonymous as the fallback, if the machine account won't work */ + cli_credentials_set_anonymous(cred); + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } } salt_principal = ldb_msg_find_attr_as_string(msgs[0], "saltPrincipal", NULL); -- cgit