diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2003-04-16 10:20:14 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2003-04-16 10:20:14 +0000 |
| commit | 6e6b7b79edae3efd0197651e9a8ce6775c001cf2 (patch) | |
| tree | 703a6e67574b344a83c9a551a0cc0ec80e5e62be /source/auth | |
| parent | c7dc0b27aca8f7e4653b25dae37ea38d68fc045a (diff) | |
| download | samba-6e6b7b79edae3efd0197651e9a8ce6775c001cf2.tar.gz | |
Store the type of 'sec channel' that we establish to the DC. If we are a
workstation, we have to use the workstation type, if we have a BDC account,
we must use the BDC type - even if we are pretending to be a workstation
at the moment.
Also actually store and retreive the last change time, so we can do
periodic password changes again (for RPC at least).
And finally, a couple of minor fixes to 'net'.
Andrew Bartlett
Diffstat (limited to 'source/auth')
| -rw-r--r-- | source/auth/auth_domain.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source/auth/auth_domain.c b/source/auth/auth_domain.c index 7dca5914f0b..db5f7d82b08 100644 --- a/source/auth/auth_domain.c +++ b/source/auth/auth_domain.c @@ -352,6 +352,11 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, "Error was %s.\n", user_info->smb_name.str, user_info->domain.str, cli->srv_name_slash, nt_errstr(nt_status))); + + /* map to something more useful */ + if (NT_STATUS_EQUAL(nt_status, NT_STATUS_UNSUCCESSFUL)) { + nt_status = NT_STATUS_NO_LOGON_SERVERS; + } } else { nt_status = make_server_info_info3(mem_ctx, user_info->internal_username.str, user_info->smb_name.str, domain, server_info, &info3); @@ -400,6 +405,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, unsigned char trust_passwd[16]; time_t last_change_time; const char *domain = lp_workgroup(); + uint32 sec_channel_type = 0; if (!user_info || !server_info || !auth_context) { DEBUG(1,("check_ntdomain_security: Critical variables not present. Failing.\n")); @@ -422,7 +428,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, * No need to become_root() as secrets_init() is done at startup. */ - if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time)) + if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time, &sec_channel_type)) { DEBUG(0, ("check_ntdomain_security: could not fetch trust account password for domain '%s'\n", domain)); return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; @@ -447,7 +453,7 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, nt_status = domain_client_validate(mem_ctx, user_info, domain, (uchar *)auth_context->challenge.data, server_info, - password_server, global_myname(), SEC_CHAN_WKSTA, trust_passwd, last_change_time); + password_server, global_myname(), sec_channel_type,trust_passwd, last_change_time); return nt_status; } |