1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

r11492: Fix bug #3224 (I hope). Correctly use machine_account_name

and client_name when doing netlogon credential setup.
Jeremy.
This commit is contained in:
Jeremy Allison 2005-11-04 00:03:55 +00:00 committed by Gerald (Jerry) Carter
parent 3ba5d02cff
commit 37e6ef9389
7 changed files with 35 additions and 24 deletions

View File

@ -131,9 +131,10 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result)));
}
result = rpccli_netlogon_setup_creds(netlogon_pipe,
dc_name,
domain,
global_myname(),
dc_name, /* server name */
domain, /* domain */
global_myname(), /* client name */
global_myname(), /* machine account name */
machine_pwd,
sec_chan_type,
&neg_flags);

View File

@ -44,9 +44,10 @@ static NTSTATUS just_change_the_password(struct rpc_pipe_client *cli, TALLOC_CTX
uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS;
result = rpccli_netlogon_setup_creds(cli,
cli->cli->desthost,
lp_workgroup(),
global_myname(),
cli->cli->desthost, /* server name */
lp_workgroup(), /* domain */
global_myname(), /* client name */
global_myname(), /* machine account name */
orig_trust_passwd_hash,
sec_channel_type,
&neg_flags);

View File

@ -1352,10 +1352,11 @@ NTSTATUS cm_connect_netlogon(struct winbindd_domain *domain,
return NT_STATUS_NO_MEMORY;
}
result = rpccli_netlogon_setup_creds
(netlogon_pipe,
result = rpccli_netlogon_setup_creds(
netlogon_pipe,
domain->dcname, /* server name. */
domain->name, /* domain name */
global_myname(), /* client name */
account_name, /* machine account */
mach_pwd, /* machine password */
sec_chan_type, /* from get_trust_pw */

View File

@ -254,6 +254,7 @@ static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli,
NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
const char *server_name,
const char *domain,
const char *clnt_name,
const char *machine_account,
const unsigned char machine_pwd[16],
uint32 sec_chan_type,
@ -291,7 +292,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
result = rpccli_net_req_chal(cli,
cli->mem_ctx,
dc->remote_machine,
machine_account,
clnt_name,
&clnt_chal_send,
&srv_chal_recv);
@ -315,7 +316,7 @@ NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli,
dc->remote_machine,
dc->mach_acct,
sec_chan_type,
machine_account,
clnt_name,
neg_flags_inout,
&clnt_chal_send, /* input. */
&srv_chal_recv); /* output */

View File

@ -2409,7 +2409,7 @@ static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli,
return NULL;
}
if ( IS_DC ) {
if ( IS_DC && !strequal(domain, lp_workgroup()) && lp_allow_trusted_domains()) {
fstrcpy( machine_account, lp_workgroup() );
} else {
/* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */
@ -2421,9 +2421,10 @@ static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli,
}
*perr = rpccli_netlogon_setup_creds(netlogon_pipe,
cli->desthost,
domain,
machine_account,
cli->desthost, /* server name */
domain, /* domain */
global_myname(), /* client name */
machine_account, /* machine account name */
machine_pwd,
sec_chan_type,
&neg_flags);
@ -2531,7 +2532,10 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_
return NULL;
}
if ( IS_DC ) {
/* if we are a DC and this is a trusted domain, then we need to use our
domain name in the net_req_auth2() request */
if ( IS_DC && !strequal(domain, lp_workgroup()) && lp_allow_trusted_domains()) {
fstrcpy( machine_account, lp_workgroup() );
} else {
/* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */
@ -2543,9 +2547,10 @@ static struct rpc_pipe_client *get_schannel_session_key_auth_ntlmssp(struct cli_
}
*perr = rpccli_netlogon_setup_creds(netlogon_pipe,
cli->desthost,
domain,
machine_account,
cli->desthost, /* server name */
domain, /* domain */
global_myname(), /* client name */
machine_account, /* machine account name */
machine_pwd,
sec_chan_type,
&neg_flags);

View File

@ -573,9 +573,10 @@ static NTSTATUS do_cmd(struct cli_state *cli,
}
ntresult = rpccli_netlogon_setup_creds(cmd_entry->rpc_pipe,
cli->desthost,
lp_workgroup(),
global_myname(),
cli->desthost, /* server name */
lp_workgroup(), /* domain */
global_myname(), /* client name */
global_myname(), /* machine account name */
trust_password,
sec_channel_type,
&neg_flags);

View File

@ -303,9 +303,10 @@ int net_rpc_join_newstyle(int argc, const char **argv)
}
result = rpccli_netlogon_setup_creds(pipe_hnd,
cli->desthost,
domain,
global_myname(),
cli->desthost, /* server name */
domain, /* domain */
global_myname(), /* client name */
global_myname(), /* machine account name */
md4_trust_password,
sec_channel_type,
&neg_flags);