diff options
author | Stefan Metzmacher <metze@samba.org> | 2016-01-07 14:55:07 +0100 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2016-06-30 03:30:26 +0200 |
commit | 6257003dff558f5736eb89fc909b623aadd121c9 (patch) | |
tree | 59f0ac33fbf3140bb0bb9b288b030816f72c1166 /source4/auth | |
parent | 432e83bf5bebd9f4fadb98fcadb82a32eb1b88ed (diff) | |
download | samba-6257003dff558f5736eb89fc909b623aadd121c9.tar.gz |
s4:auth: fill user_principal_* and dns_domain_name in authsam_make_user_info_dc()
This is required in order to support netr_SamInfo6 and PAC_UPN_DNS_INFO
correctly.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'source4/auth')
-rw-r--r-- | source4/auth/auth.h | 1 | ||||
-rw-r--r-- | source4/auth/ntlm/auth_sam.c | 4 | ||||
-rw-r--r-- | source4/auth/sam.c | 23 |
3 files changed, 27 insertions, 1 deletions
diff --git a/source4/auth/auth.h b/source4/auth/auth.h index c472d86d1ed..fb486941697 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -123,6 +123,7 @@ struct auth_session_info *system_session(struct loadparm_context *lp_ctx); NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, const char *netbios_name, const char *domain_name, + const char *dns_domain_name, struct ldb_dn *domain_dn, struct ldb_message *msg, DATA_BLOB user_sess_key, DATA_BLOB lm_sess_key, diff --git a/source4/auth/ntlm/auth_sam.c b/source4/auth/ntlm/auth_sam.c index b223706f884..449819329d0 100644 --- a/source4/auth/ntlm/auth_sam.c +++ b/source4/auth/ntlm/auth_sam.c @@ -611,8 +611,10 @@ static NTSTATUS authsam_check_password_internals(struct auth_method_context *ctx return nt_status; } - nt_status = authsam_make_user_info_dc(tmp_ctx, ctx->auth_ctx->sam_ctx, lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), + nt_status = authsam_make_user_info_dc(tmp_ctx, ctx->auth_ctx->sam_ctx, + lpcfg_netbios_name(ctx->auth_ctx->lp_ctx), lpcfg_sam_name(ctx->auth_ctx->lp_ctx), + lpcfg_sam_dnsname(ctx->auth_ctx->lp_ctx), domain_dn, msg, user_sess_key, lm_sess_key, diff --git a/source4/auth/sam.c b/source4/auth/sam.c index 56b64e50093..759585ef49c 100644 --- a/source4/auth/sam.c +++ b/source4/auth/sam.c @@ -284,6 +284,7 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, struct ldb_context *sam_ctx, const char *netbios_name, const char *domain_name, + const char *dns_domain_name, struct ldb_dn *domain_dn, struct ldb_message *msg, DATA_BLOB user_sess_key, @@ -401,12 +402,33 @@ _PUBLIC_ NTSTATUS authsam_make_user_info_dc(TALLOC_CTX *mem_ctx, info->account_name = talloc_steal(info, ldb_msg_find_attr_as_string(msg, "sAMAccountName", NULL)); + info->user_principal_name = talloc_steal(info, + ldb_msg_find_attr_as_string(msg, "userPrincipalName", NULL)); + if (info->user_principal_name == NULL && dns_domain_name != NULL) { + info->user_principal_name = talloc_asprintf(info, "%s@%s", + info->account_name, + dns_domain_name); + if (info->user_principal_name == NULL) { + TALLOC_FREE(user_info_dc); + return NT_STATUS_NO_MEMORY; + } + info->user_principal_constructed = true; + } + info->domain_name = talloc_strdup(info, domain_name); if (info->domain_name == NULL) { TALLOC_FREE(user_info_dc); return NT_STATUS_NO_MEMORY; } + if (dns_domain_name != NULL) { + info->dns_domain_name = talloc_strdup(info, dns_domain_name); + if (info->dns_domain_name == NULL) { + TALLOC_FREE(user_info_dc); + return NT_STATUS_NO_MEMORY; + } + } + str = ldb_msg_find_attr_as_string(msg, "displayName", ""); info->full_name = talloc_strdup(info, str); if (info->full_name == NULL) { @@ -630,6 +652,7 @@ NTSTATUS authsam_get_user_info_dc_principal(TALLOC_CTX *mem_ctx, nt_status = authsam_make_user_info_dc(tmp_ctx, sam_ctx, lpcfg_netbios_name(lp_ctx), lpcfg_sam_name(lp_ctx), + lpcfg_sam_dnsname(lp_ctx), domain_dn, msg, user_sess_key, lm_sess_key, |