summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLuke Leighton <lkcl@samba.org>2000-03-08 09:24:01 +0000
committerLuke Leighton <lkcl@samba.org>2000-03-08 09:24:01 +0000
commitb2d3ac3d72f58bb03ab31f49b9c09b362dc91369 (patch)
treeba09a929d13ef68762bf20a046eae8554aafcb02
parent053247c638d838a1ea5132d9e56943392bc1e150 (diff)
downloadsamba-b2d3ac3d72f58bb03ab31f49b9c09b362dc91369.tar.gz
attempting to get trust relationship setup going again.
Diffstat
-rw-r--r--source/rpc_client/msrpc_netlogon.c13
-rw-r--r--source/rpcclient/cmd_samr.c28
2 files changed, 37 insertions, 4 deletions
diff --git a/source/rpc_client/msrpc_netlogon.c b/source/rpc_client/msrpc_netlogon.c
index 1a8ffb771d4..a539d162bcc 100644
--- a/source/rpc_client/msrpc_netlogon.c
+++ b/source/rpc_client/msrpc_netlogon.c
@@ -81,6 +81,7 @@ static uint32 domain_client_validate(const char *user, const char *domain,
uint32 status;
fstring trust_acct;
fstring srv_name;
+ fstring sec_name;
BOOL cleartext = smb_apasslen != 0 && smb_apasslen != 24 &&
smb_ntpasslen == 0;
@@ -105,7 +106,17 @@ static uint32 domain_client_validate(const char *user, const char *domain,
return NT_STATUS_ACCESS_DENIED;
}
- if (!msrpc_lsa_query_trust_passwd("\\\\.", "$MACHINE.ACC",
+ if (acct_type == SEC_CHAN_DOMAIN)
+ {
+ fstrcpy(sec_name, "G$$");
+ fstrcat(sec_name, domain);
+ }
+ else
+ {
+ fstrcpy(sec_name, "$MACHINE.ACC");
+ }
+
+ if (!msrpc_lsa_query_trust_passwd("\\\\.", sec_name,
trust_passwd, NULL))
{
return NT_STATUS_ACCESS_DENIED;
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index b9ddd43d5fd..69b7dc5c4d3 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -954,12 +954,14 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
{
fstring domain;
fstring acct_name;
+ fstring sec_name;
fstring name;
fstring sid;
DOM_SID sid1;
uint32 user_rid;
uint16 acb_info = ACB_NORMAL;
BOOL join_domain = False;
+ fstring join_dom_name;
int opt;
char *password = NULL;
pstring upwb;
@@ -992,7 +994,7 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
if (argc < 2)
{
- report(out_hnd, "createuser: <acct name> [-i] [-s] [-j] [-p password]\n");
+ report(out_hnd, "createuser: <acct name> [-i] [-s] [-j] domain_name [-p password]\n");
return;
}
@@ -1008,7 +1010,7 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
acb_info = ACB_WSTRUST;
}
- while ((opt = getopt(argc, argv,"isjp:w:")) != EOF)
+ while ((opt = getopt(argc, argv,"isj:p:w:")) != EOF)
{
switch (opt)
{
@@ -1025,6 +1027,7 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
case 'j':
{
join_domain = True;
+ fstrcpy(join_dom_name, optarg);
break;
}
case 'p':
@@ -1041,6 +1044,25 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
}
}
+ switch (acb_info)
+ {
+ case ACB_DOMTRUST:
+ {
+ fstrcpy(sec_name, "G$$");
+ fstrcat(sec_name, join_dom_name);
+ break;
+ }
+ case ACB_SVRTRUST:
+ case ACB_WSTRUST:
+ {
+ fstrcpy(sec_name, "$MACHINE.ACC");
+ break;
+ }
+ default:
+ {
+ break;
+ }
+ }
/*
* sort out the workstation name. if it's ourselves, and we're
* on MSRPC local loopback, must _also_ connect to workstation
@@ -1061,13 +1083,13 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[])
}
strupper(wks_name);
+ report(out_hnd, "SAM Create Domain User\n");
if (join_domain && acb_info == ACB_NORMAL)
{
report(out_hnd, "can only join trust accounts to a domain\n");
return;
}
- report(out_hnd, "SAM Create Domain User\n");
report(out_hnd, "Domain: %s Name: %s ACB: %s\n",
domain, acct_name,
pwdb_encode_acct_ctrl(acb_info, NEW_PW_FORMAT_SPACE_PADDED_LEN));
View Lorry Controller Status