summaryrefslogtreecommitdiff
path: root/source3/libnet/libnet_join.c
Commit message (Collapse)AuthorAgeFilesLines
* s3:libads: Just change the machine password if account already existsAndreas Schneider2019-10-091-0/+1
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884 Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3:libnet: Improve debug messagesAndreas Schneider2019-10-091-2/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3:libads: Fix creating machine account using LDAPAndreas Schneider2019-10-091-7/+16
| | | | | | | | | | | This implements the same behaviour as Windows. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13884 Pair-Programmed-With: Guenther Deschner <gd@samba.org> Signed-off-by: Guenther Deschner <gd@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3:libnet: Require sealed LDAP SASL connections for joiningAndreas Schneider2019-10-091-1/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* s3:rpc_client: Return NTSTATUS for init_samr_CryptPasswordEx()Andreas Schneider2019-07-261-3/+6
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:rpc_client: Return NTSTATUS for init_samr_CryptPassword()Andreas Schneider2019-07-261-3/+7
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14031 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3-libnet_join: allow fallback to NTLMSSP auth in libnet_joinGünther Deschner2019-04-031-0/+2
| | | | | | | | | | | | | | | | | When a non-DNS and non-default admin domain is provided during the join sometimes we might not be able to kinit with 'user@SHORTDOMAINNAME' (e.g. when the winbind krb5 locator is not installed). In that case lets fallback to NTLMSSP, like we do in winbind. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org> Autobuild-Date(master): Wed Apr 3 18:57:31 UTC 2019 on sn-devel-144
* s3-libnet_join: setup libnet join error string when AD connect failsGünther Deschner2019-04-031-0/+3
| | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-libnet_join: always pass down admin domain to ads layerGünther Deschner2019-04-031-0/+12
| | | | | | | | | | | | Otherwise we could loose the information that a non-default domain name has been used for admin creds. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861 Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet: Use more secure name for the JOIN krb5.confAndreas Schneider2019-04-021-3/+5
| | | | | | | | | | Currently we create krb5.conf..JOIN, use krb5.conf._JOIN_ instead. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861 Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libnet: Fix debug message in libnet_DomainJoin()Guenther Deschner2019-04-021-2/+2
| | | | | | | | A newline is missing but also use DBG_INFO macro and cleanup spelling. Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libads: Add net ads leave keep-account optionJustin Stephenson2018-07-301-0/+2
| | | | | | | | | | | Add the ability to leave the domain with --keep-account argument to avoid removal of the host machine account. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13498 Signed-off-by: Justin Stephenson <jstephen@redhat.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Alexander Bokovoy <ab@samba.org>
* libsmb: Give dsgetdcname.c its own headerVolker Lendecke2018-04-111-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* libsmb: Give namequery.c its own headerVolker Lendecke2018-04-111-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-libnet: move rpc_join label into HAVE_ADS block with only callerAndrew Bartlett2018-03-221-1/+2
| | | | | Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: make use of create_builtin_guests()Stefan Metzmacher2018-03-191-0/+12
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet: Add FALL_THROUGH statements in libnet_join.cAndreas Schneider2018-03-011-1/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libnet_join: fix "net rpc oldjoin"Stefan Metzmacher2017-11-181-8/+45
| | | | | | | | | | | | | | We need to open the ncacn_np (smb) transport connection with anonymous credentials. In order to do netr_ServerPasswordSet*() we need to establish a 2nd netlogon connection using dcerpc schannel authentication. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13149 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* rpc_client3: Avoid "cli_credentials" in cli_rpc_pipe_open_schannel_with_credsVolker Lendecke2017-09-251-1/+0
| | | | | | | | | This provides cleaner data dependencies. A netlogon_creds_ctx contains everything required to open an schannel, there is no good reason to require cli_credentials here. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* cli_netlogon: Eliminate rpccli_setup_netlogon_creds_with_credsVolker Lendecke2017-09-161-5/+5
| | | | | | | Inlining the code from rpccli_setup_netlogon_creds Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* cli_netlogon: Rename rpccli_create_netlogon_creds_with_credsVolker Lendecke2017-09-161-6/+6
| | | | | | | This creates a context with access to a credentials, not credentials Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libnet: Use rpccli_setup_netlogon_creds_with_creds in join_unsecureVolker Lendecke2017-09-161-9/+7
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* libnet: Use rpccli_create_netlogon_creds_with_creds in join_unsecureVolker Lendecke2017-09-161-8/+18
| | | | | | | | rpccli_create_netlogon_creds_with_creds just extracts the values we set here from cli_credentials, and the lower-level interface is supposed to go away. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* cli_netlogon: Pass server_dns_domain through rpccli_create_netlogon_credsVolker Lendecke2017-09-161-0/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* s3:libnet: make use of secrets_store_JoinCtx()Stefan Metzmacher2017-06-271-21/+5
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* libcli/auth: pass the cleartext blob to netlogon_creds_cli_ServerPasswordSet*()Stefan Metzmacher2017-06-271-1/+18
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:secrets: let secrets_delete_machine_password_ex() also remove the ↵Stefan Metzmacher2017-06-271-5/+4
| | | | | | | | | des_salt key BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:secrets: let secrets_delete_machine_password_ex() remove SID and GUID tooStefan Metzmacher2017-06-271-4/+0
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: move kerberos_secrets_store_des_salt() to ↵Stefan Metzmacher2017-06-271-11/+10
| | | | | | | | | libnet_join_joindomain_store_secrets() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: move libnet_join_joindomain_store_secrets() to ↵Stefan Metzmacher2017-06-271-5/+4
| | | | | | | | | | | | libnet_join_post_processing() We should not store the secrets before we did all remote changes (except the optional dns updates). BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: call do_JoinConfig() after we did remote changes on the serverStefan Metzmacher2017-06-271-5/+10
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: split libnet_join_post_processing_ads() into modify/syncStefan Metzmacher2017-06-271-3/+21
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: move kerberos_secrets_store_des_salt() out of ↵Stefan Metzmacher2017-06-271-1/+12
| | | | | | | | | | | libnet_join_derive_salting_principal() We should separate the calculation and the storing steps. BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: remember r->out.krb5_salt in ↵Stefan Metzmacher2017-06-271-0/+1
| | | | | | | | | libnet_join_derive_salting_principal() BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: remember the domain_guid for AD domainsStefan Metzmacher2017-06-271-0/+1
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: calculate r->out.account_name in libnet_join_pre_processing()Stefan Metzmacher2017-06-271-9/+9
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: remove dead code from libnet_join_connect_ads()Stefan Metzmacher2017-06-271-7/+2
| | | | | | | | | username[strlen(username)] is *always* '\0'! BUG: https://bugzilla.samba.org/show_bug.cgi?id=12782 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3:libnet_join: make use of trust_pw_new_value()Stefan Metzmacher2017-02-211-6/+10
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=12262 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org>
* s3:libnet_join: make use of cli_full_connection_creds()Stefan Metzmacher2016-12-021-17/+9
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* s3-libnet: Pass enum value names to dcerpc_samr_SetUserInfo2()Andreas Schneider2016-10-061-3/+3
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s4-libnet: Use SetUserInfo2 to set the account flagsAndreas Schneider2016-10-061-5/+5
| | | | | | | | [MS-WKST] states that SetUserInfo2 should be used to set the account flags. We already call this a few lines down to set the password. Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_DEFAULT_JOIN_REQUIRED with ↵Günther Deschner2016-09-281-2/+2
| | | | | | | | | WERR_NERR_DEFAULTJOINREQUIRED in source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_SETUP_DOMAIN_CONTROLLER with ↵Günther Deschner2016-09-281-1/+1
| | | | | | | | | WERR_NERR_SETUPDOMAINCONTROLLER in source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_SETUP_NOT_JOINED with WERR_NERR_SETUPNOTJOINED in ↵Günther Deschner2016-09-281-4/+4
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_SETUP_ALREADY_JOINED with WERR_NERR_SETUPALREADYJOINED ↵Günther Deschner2016-09-281-1/+1
| | | | | | | | | in source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_DCNOTFOUND with WERR_NERR_DCNOTFOUND in ↵Günther Deschner2016-09-281-5/+5
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_NO_SUCH_SERVICE with WERR_SERVICE_DOES_NOT_EXIST in ↵Günther Deschner2016-09-281-10/+10
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_INVALID_PARAM with WERR_INVALID_PARAMETER in ↵Günther Deschner2016-09-281-5/+5
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_GENERAL_FAILURE with WERR_GEN_FAILURE in ↵Günther Deschner2016-09-281-1/+1
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* werror: replace WERR_NOMEM with WERR_NOT_ENOUGH_MEMORY in ↵Günther Deschner2016-09-281-4/+4
| | | | | | | | | source3/libnet/libnet_join.c Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
View Lorry Controller Status