diff options
| author | Joe Guo <joeg@catalyst.net.nz> | 2018-04-18 15:31:12 +1200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2018-05-12 02:09:28 +0200 |
| commit | 5ed1682905849f8b1971eac79fa7718aa0f07744 (patch) | |
| tree | 1ff997c05c0074aea9b1cb72c2b60a7ea09802d6 | |
| parent | 4d950527f3e68cff7fa7281f3266be0d81cc9bde (diff) | |
| download | samba-5ed1682905849f8b1971eac79fa7718aa0f07744.tar.gz | |
traffic_replay: set gensec features to encrypt credentials
While running traffic_replay script against windows dc, it will fail
with a `LDAP_UNWILLING_TO_PERFORM` error for adding user.
Windows requires the credentials to be encrypted before sending.
`set_gensec_features` will fix it.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
| -rwxr-xr-x | script/traffic_replay | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/script/traffic_replay b/script/traffic_replay index 0e97d0a64af..df86115a48f 100755 --- a/script/traffic_replay +++ b/script/traffic_replay @@ -25,6 +25,7 @@ import shutil sys.path.insert(0, "bin/python") +from samba import gensec from samba.emulate import traffic import samba.getopt as options @@ -134,6 +135,7 @@ def main(): print_err("Removing user and machine accounts") lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) + creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL) ldb = traffic.openLdb(host, creds, lp) traffic.clean_up_accounts(ldb, opts.instance_id) exit(0) @@ -155,6 +157,7 @@ def main(): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) + creds.set_gensec_features(creds.get_gensec_features() | gensec.FEATURE_SEAL) domain = opts.workgroup if domain: |