1 files changed, 13 insertions, 0 deletions

diff --git a/auth/credentials/credentials_secrets.c b/auth/credentials/credentials_secrets.c
index 625ce202838..4f2aeb585c0 100644
--- a/auth/credentials/credentials_secrets.c
+++ b/auth/credentials/credentials_secrets.c
@@ -239,6 +239,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 	time_t secrets_tdb_lct = 0;
 	char *secrets_tdb_password = NULL;
 	char *secrets_tdb_old_password = NULL;
+	uint32_t secrets_tdb_secure_channel_type = SEC_CHAN_NULL;
 	char *keystr;
 	char *keystr_upper = NULL;
 	char *secrets_tdb;
@@ -287,6 +288,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 		if (NT_STATUS_IS_OK(status)) {
 			secrets_tdb_password = (char *)dbuf.dptr;
 		}
+
 		keystr = talloc_asprintf(tmp_ctx, "%s/%s",
 					 SECRETS_MACHINE_PASSWORD_PREV,
 					 domain);
@@ -296,6 +298,16 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 		if (NT_STATUS_IS_OK(status)) {
 			secrets_tdb_old_password = (char *)dbuf.dptr;
 		}
+
+		keystr = talloc_asprintf(tmp_ctx, "%s/%s",
+					 SECRETS_MACHINE_SEC_CHANNEL_TYPE,
+					 domain);
+		keystr_upper = strupper_talloc(tmp_ctx, keystr);
+		status = dbwrap_fetch(db_ctx, tmp_ctx, string_tdb_data(keystr_upper),
+				      &dbuf);
+		if (NT_STATUS_IS_OK(status) && dbuf.dsize == 4) {
+			secrets_tdb_secure_channel_type = IVAL(dbuf.dptr,0);
+		}
 	}
 
 	filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER, 
@@ -323,6 +335,7 @@ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cr
 		cli_credentials_set_domain(cred, domain, CRED_SPECIFIED);
 		cli_credentials_set_username(cred, machine_account, CRED_SPECIFIED);
 		cli_credentials_set_password_last_changed_time(cred, secrets_tdb_lct);
+		cli_credentials_set_secure_channel_type(cred, secrets_tdb_secure_channel_type);
 		status = NT_STATUS_OK;
 	} else if (!NT_STATUS_IS_OK(status)) {
 		if (db_ctx) {