sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-03 04:22:09 +03:00
Code Activity

Merge from HEAD - save the type of channel used to contact the DC.

Browse Source 
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.

This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.

Andrew Bartlett
This commit is contained in:
Andrew Bartlett
-
parent 9ba88c7314
commit 876e00fd11
24 changed files with 364 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
source/utils/net_ads.c
View File

@ -564,7 +564,7 @@ static int net_ads_leave(int argc, const char **argv)
if (!opt_password) {
char *user_name;
asprintf(&user_name, "%s$", global_myname());
opt_password = secrets_fetch_machine_password();
opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL);
opt_user_name = user_name;
}
@ -596,7 +596,7 @@ static int net_ads_join_ok(void)
asprintf(&user_name, "%s$", global_myname());
opt_user_name = user_name;
opt_password = secrets_fetch_machine_password();
opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL);
if (!(ads = ads_startup())) {
return -1;
@ -637,6 +637,8 @@ int net_ads_join(int argc, const char **argv)
void *res;
DOM_SID dom_sid;
char *ou_str;
uint32 sec_channel_type;
uint32 account_type = UF_WORKSTATION_TRUST_ACCOUNT;
if (argc > 0) org_unit = argv[0];
@ -645,6 +647,11 @@ int net_ads_join(int argc, const char **argv)
return -1;
}
/* check what type of join
TODO: make this variable like RPC
*/
account_type = UF_WORKSTATION_TRUST_ACCOUNT;
tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH);
password = strdup(tmp_password);
@ -669,7 +676,7 @@ int net_ads_join(int argc, const char **argv)
return -1;
}
rc = ads_join_realm(ads, global_myname(), org_unit);
rc = ads_join_realm(ads, global_myname(), account_type, org_unit);
if (!ADS_ERR_OK(rc)) {
d_printf("ads_join_realm: %s\n", ads_errstr(rc));
return -1;
@ -692,7 +699,7 @@ int net_ads_join(int argc, const char **argv)
return -1;
}
if (!secrets_store_machine_password(password)) {
if (!secrets_store_machine_password(password, lp_workgroup(), sec_channel_type)) {
DEBUG(1,("Failed to save machine password\n"));
return -1;
}
@ -945,7 +952,7 @@ int net_ads_changetrustpw(int argc, const char **argv)
asprintf(&user_name, "%s$", global_myname());
opt_user_name = user_name;
opt_password = secrets_fetch_machine_password();
opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL);
use_in_memory_ccache();