summaryrefslogtreecommitdiff
path: root/source4/heimdal
diff options
context:
space:
mode:
Diffstat (limited to 'source4/heimdal')
-rw-r--r--source4/heimdal/kdc/kerberos5.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/source4/heimdal/kdc/kerberos5.c b/source4/heimdal/kdc/kerberos5.c
index 7e7aefd21e5..3762abe0120 100644
--- a/source4/heimdal/kdc/kerberos5.c
+++ b/source4/heimdal/kdc/kerberos5.c
@@ -762,9 +762,9 @@ kdc_check_flags(krb5_context context,
return KRB5KDC_ERR_POLICY;
}
- if(!client->flags.client){
+ if (!is_as_req && !client->flags.client){
kdc_log(context, config, 0,
- "Principal may not act as client -- %s", client_name);
+ "Principal may only act as client in AS-REQ -- %s", client_name);
return KRB5KDC_ERR_POLICY;
}
@@ -1055,7 +1055,7 @@ _kdc_as_rep(krb5_context context,
*/
ret = _kdc_db_fetch(context, config, client_princ,
- HDB_F_GET_CLIENT | flags, NULL,
+ HDB_F_GET_ANY | flags, NULL,
&clientdb, &client);
if(ret == HDB_ERR_NOT_FOUND_HERE) {
kdc_log(context, config, 5, "client %s does not have secrets at this KDC, need to proxy", client_name);
View Lorry Controller Status