mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

s4-secrets: fetch secure channel type with domain SID

The secure channel type is needed to work out what DC to connect to

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Andrew Tridgell 2010-09-13 12:15:52 +10:00
parent bd51d30809
commit 94fb6120d8
4 changed files with 27 additions and 4 deletions


@ -101,15 +101,17 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
struct tevent_context *ev_ctx, struct tevent_context *ev_ctx,
struct loadparm_context *lp_ctx, struct loadparm_context *lp_ctx,
const char *domain, const char *domain,
enum netr_SchannelType *sec_channel_type,
char **errstring) char **errstring)
{ {
struct ldb_context *ldb; struct ldb_context *ldb;
struct ldb_message *msg; struct ldb_message *msg;
int ldb_ret; int ldb_ret;
const char *attrs[] = { "objectSid", NULL }; const char *attrs[] = { "objectSid", "secureChannelType", NULL };
struct dom_sid *result = NULL; struct dom_sid *result = NULL;
const struct ldb_val *v; const struct ldb_val *v;
enum ndr_err_code ndr_err; enum ndr_err_code ndr_err;
*errstring = NULL; *errstring = NULL;
ldb = secrets_db_connect(mem_ctx, ev_ctx, lp_ctx); ldb = secrets_db_connect(mem_ctx, ev_ctx, lp_ctx);
@ -135,6 +137,18 @@ struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
domain, (char *) ldb_get_opaque(ldb, "ldb_url")); domain, (char *) ldb_get_opaque(ldb, "ldb_url"));
return NULL; return NULL;
} }
if (sec_channel_type) {
int v;
v = ldb_msg_find_attr_as_int(msg, "secureChannelType", -1);
if (v == -1) {
*errstring = talloc_asprintf(mem_ctx, "Failed to find secureChannelType for %s in %s",
domain, (char *) ldb_get_opaque(ldb, "ldb_url"));
return NULL;
}
*sec_channel_type = v;
}
result = talloc(mem_ctx, struct dom_sid); result = talloc(mem_ctx, struct dom_sid);
if (result == NULL) { if (result == NULL) {
talloc_free(ldb); talloc_free(ldb);
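Review bot: In the new `if (sec_channel_type)` block the integer read from `secureChannelType` is stored into `*sec_channel_type` after only the -1 "attribute missing" check, so any other value held in the secrets record reaches the caller as an `enum netr_SchannelType` without being checked against the values that enum defines. Because the commit message says this value decides which DC to connect to, unknown values should be rejected here with an errstring, the same way the missing attribute is. The block also declares `int v;`, which shadows the outer `const struct ldb_val *v;`; a distinct name such as `int sct = ldb_msg_find_attr_as_int(msg, "secureChannelType", -1);` keeps the two apart. The new `return NULL` leaves `ldb` attached to `mem_ctx` while the allocation-failure path just below calls `talloc_free(ldb)`; the function body continues outside the hunk, so this may simply match the other early returns.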


@ -38,12 +38,14 @@
*/ */
struct loadparm_context; struct loadparm_context;
struct tevent_context; struct tevent_context;
enum netr_SchannelType;
struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx); struct tdb_wrap *secrets_init(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx);
struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx); struct ldb_context *secrets_db_connect(TALLOC_CTX *mem_ctx, struct tevent_context *ev_ctx, struct loadparm_context *lp_ctx);
struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx, struct dom_sid *secrets_get_domain_sid(TALLOC_CTX *mem_ctx,
struct tevent_context *ev_ctx, struct tevent_context *ev_ctx,
struct loadparm_context *lp_ctx, struct loadparm_context *lp_ctx,
const char *domain, const char *domain,
enum netr_SchannelType *sec_channel_type,
char **errstring); char **errstring);
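Review bot: `enum netr_SchannelType;` is a forward declaration of an enum, which ISO C does not permit because the type's size is unknown until it is defined; GCC accepts it as an extension but warns under `-pedantic`, and other compilers may reject it. Including the header that defines `netr_SchannelType` ahead of this prototype would be portable. The prototype would also benefit from a comment stating the contract the implementation shows, for example `/* sec_channel_type may be NULL; when non-NULL, a record without secureChannelType is an error */`.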


@ -239,7 +239,9 @@ static void winbind_task_init(struct task_server *task)
primary_sid = secrets_get_domain_sid(service, primary_sid = secrets_get_domain_sid(service,
service->task->event_ctx, service->task->event_ctx,
service->task->lp_ctx, service->task->lp_ctx,
lpcfg_netbios_name(service->task->lp_ctx), &errstring); lpcfg_netbios_name(service->task->lp_ctx),
&service->sec_channel_type,
&errstring);
if (!primary_sid) { if (!primary_sid) {
char *message = talloc_asprintf(task, char *message = talloc_asprintf(task,
"Cannot start Winbind (standalone configuration): %s: " "Cannot start Winbind (standalone configuration): %s: "
@ -253,7 +255,9 @@ static void winbind_task_init(struct task_server *task)
primary_sid = secrets_get_domain_sid(service, primary_sid = secrets_get_domain_sid(service,
service->task->event_ctx, service->task->event_ctx,
service->task->lp_ctx, service->task->lp_ctx,
lpcfg_workgroup(service->task->lp_ctx), &errstring); lpcfg_workgroup(service->task->lp_ctx),
&service->sec_channel_type,
&errstring);
if (!primary_sid) { if (!primary_sid) {
char *message = talloc_asprintf(task, "Cannot start Winbind (domain member): %s: " char *message = talloc_asprintf(task, "Cannot start Winbind (domain member): %s: "
"Have you joined the %s domain?", "Have you joined the %s domain?",
@ -266,7 +270,9 @@ static void winbind_task_init(struct task_server *task)
primary_sid = secrets_get_domain_sid(service, primary_sid = secrets_get_domain_sid(service,
service->task->event_ctx, service->task->event_ctx,
service->task->lp_ctx, service->task->lp_ctx,
lpcfg_workgroup(service->task->lp_ctx), &errstring); lpcfg_workgroup(service->task->lp_ctx),
&service->sec_channel_type,
&errstring);
if (!primary_sid) { if (!primary_sid) {
char *message = talloc_asprintf(task, "Cannot start Winbind (domain controller): %s: " char *message = talloc_asprintf(task, "Cannot start Winbind (domain controller): %s: "
"Have you provisioned the %s domain?", "Have you provisioned the %s domain?",
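Review bot: All three role branches now pass `&service->sec_channel_type`, which makes a `secureChannelType` attribute mandatory for startup in every role, including the standalone branch that looks the record up by `lpcfg_netbios_name(...)`. If a standalone or previously provisioned secrets record can lack that attribute (not visible from this page), winbind will now refuse to start, and the "Failed to find secureChannelType" text will be wrapped in a message asking whether the domain was joined or provisioned. Consider passing `NULL` in branches that do not need the channel type and setting `service->sec_channel_type` explicitly there, or add a comment at these calls stating the new requirement. winbind_task_init starts and ends outside these hunks.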


@ -29,6 +29,7 @@ struct wbsrv_service {
struct task_server *task; struct task_server *task;
const struct dom_sid *primary_sid; const struct dom_sid *primary_sid;
enum netr_SchannelType sec_channel_type;
struct wbsrv_domain *domains; struct wbsrv_domain *domains;
struct idmap_context *idmap_ctx; struct idmap_context *idmap_ctx;
const char *priv_pipe_dir; const char *priv_pipe_dir;