sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-03 01:18:10 +03:00
Code

param: Add "client netlogon ping protocol"

Browse Source 
Allow "net ads join" in environments where UDP/389 is blocked. Code
will follow.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Volker Lendecke 2024-10-24 16:52:46 +02:00
parent b3a8f845ec
commit 24dc8ef174
3 changed files with 46 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
docs-xml/smbdotconf/security/clientnetlogonpingprotocol.xml Normal file
View File

@ -0,0 +1,30 @@
<samba:parameter name="client netlogon ping protocol"
context="G"
type="enum"
enumlist="enum_client_netlogon_ping_protocol"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>This option controls the protocol Samba uses to issue netlogon
ping requests. This is normally done via connectionless ldap, but
some installations require LDAPS over TCP port 636 for this.
</para>
<para>Possible values are :</para>
<itemizedlist>
<listitem>
<para><constant>CLDAP</constant></para>
</listitem>
<listitem>
<para><constant>LDAP</constant></para>
</listitem>
<listitem>
<para><constant>LDAPS</constant></para>
</listitem>
<listitem>
<para><constant>STARTTLS</constant></para>
</listitem>
</itemizedlist>
</description>
<value type="default">CLDAP</value>
</samba:parameter>

8
lib/param/loadparm.h
View File

@ -265,6 +265,14 @@ enum acl_claims_evaluation {
ACL_CLAIMS_EVALUATION_NEVER
};
/* Controlling the protocol for netlogon ping */
enum client_netlogon_ping_protocol {
CLIENT_NETLOGON_PING_CLDAP,
CLIENT_NETLOGON_PING_LDAP,
CLIENT_NETLOGON_PING_LDAPS,
CLIENT_NETLOGON_PING_STARTTLS
};
/*
* Default passwd chat script.
*/

8
lib/param/param_table.c
View File

@ -449,6 +449,14 @@ static const struct enum_list enum_acl_claims_evaluation[] = {
{-1, NULL}
};
static const struct enum_list enum_client_netlogon_ping_protocol[] = {
{CLIENT_NETLOGON_PING_CLDAP, "cldap"},
{CLIENT_NETLOGON_PING_LDAP, "ldap"},
{CLIENT_NETLOGON_PING_LDAPS, "ldaps"},
{CLIENT_NETLOGON_PING_STARTTLS, "starttls"},
{-1, NULL}
};
/* Note: We do not initialise the defaults union - it is not allowed in ANSI C
*
* NOTE: Handling of duplicated (synonym) parameters: