From f67156fc920b9a5c84c4fcaf1bf41640ddae6005 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 21 May 2008 12:37:36 +1000 Subject: Extend the 'netlogon' CLDAP and NBT implementation. This now handles checking if the user exists, including validating the ACB mask on the user. This would be a nasty security hole, if Kerberos did not already expose this information anonymously... Andrew Bartlett (This used to be commit 441b286c00f9a7743cdefeb243545bdbd2c94c5e) --- source4/nbt_server/dgram/netlogon.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source4/nbt_server/dgram') diff --git a/source4/nbt_server/dgram/netlogon.c b/source4/nbt_server/dgram/netlogon.c index 664cd56636..5e263a5854 100644 --- a/source4/nbt_server/dgram/netlogon.c +++ b/source4/nbt_server/dgram/netlogon.c @@ -139,7 +139,7 @@ static void nbtd_netlogon_samlogon(struct dgram_mailslot_handler *dgmslot, } status = fill_netlogon_samlogon_response(samctx, packet, NULL, name->name, sid, NULL, - netlogon->req.logon.user_name, src->addr, + netlogon->req.logon.user_name, netlogon->req.logon.acct_control, src->addr, netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.samlogon); if (!NT_STATUS_IS_OK(status)) { DEBUG(2,("NBT netlogon query failed domain=%s sid=%s version=%d - %s\n", -- cgit