diff options
| author | Garming Sam <garming@catalyst.net.nz> | 2017-04-12 14:12:32 +1200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2017-05-30 08:06:06 +0200 |
| commit | 2368f57b4d7bc26ba08273020d7281fab6f817c8 (patch) | |
| tree | 87428f7c5eb6d9d77efbb162bb07c047e34b0fea /source3 | |
| parent | a6a19e4308d4e81418eb5810cf492407dc91344b (diff) | |
| download | samba-2368f57b4d7bc26ba08273020d7281fab6f817c8.tar.gz | |
winbindd: Do not run SAM auth stack in winbind SamLogon
pdbtest.s4winbind no longer is applicable without a live NETLOGON
connection.
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/winbindd/winbindd_dual_srv.c | 4 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_pam.c | 4 | ||||
| -rw-r--r-- | source3/winbindd/winbindd_proto.h | 1 |
3 files changed, 7 insertions, 2 deletions
diff --git a/source3/winbindd/winbindd_dual_srv.c b/source3/winbindd/winbindd_dual_srv.c index 02b1adb2117..8007c7d38d1 100644 --- a/source3/winbindd/winbindd_dual_srv.c +++ b/source3/winbindd/winbindd_dual_srv.c @@ -890,7 +890,9 @@ NTSTATUS _winbind_SamLogon(struct pipes_struct *p, r->in.logon.network->identity_info.workstation.string, r->in.logon.network->challenge, lm_response, nt_response, - &r->out.authoritative, &flags, + &r->out.authoritative, + true, + &flags, &r->out.validation.sam3); return status; } diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index c792cfe704f..4d3a7eeb1ba 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -2003,6 +2003,7 @@ NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain, DATA_BLOB lm_response, DATA_BLOB nt_response, uint8_t *authoritative, + bool skip_sam, uint32_t *flags, struct netr_SamInfo3 **info3) { @@ -2017,7 +2018,7 @@ NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain, * name_domain can also be lp_realm() * we need to check against domain->name. */ - if (strequal(domain->name, get_global_sam_name())) { + if (!skip_sam && strequal(domain->name, get_global_sam_name())) { DATA_BLOB chal_blob = data_blob_const( chal, 8); @@ -2172,6 +2173,7 @@ enum winbindd_result winbindd_dual_pam_auth_crap(struct winbindd_domain *domain, lm_resp, nt_resp, &authoritative, + false, &flags, &info3); if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h index 57b363a7bd8..6d6fafcb72f 100644 --- a/source3/winbindd/winbindd_proto.h +++ b/source3/winbindd/winbindd_proto.h @@ -454,6 +454,7 @@ NTSTATUS winbind_dual_SamLogon(struct winbindd_domain *domain, DATA_BLOB lm_response, DATA_BLOB nt_response, uint8_t *authoritative, + bool skip_sam, uint32_t *flags, struct netr_SamInfo3 **info3); |