r26430: require explicit specification of loadparm context.

(This used to be commit 1b947fe0e6)

source4/auth/credentials/credentials.c

@@ -118,7 +118,8 @@ uint32_t cli_credentials_get_gensec_features(struct cli_credentials *creds)
 const char *cli_credentials_get_username(struct cli_credentials *cred)
 {
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred, 
+					cred->machine_account_pending_lp_ctx);
 	}
 
 	if (cred->username_obtained == CRED_CALLBACK && 
@@ -186,7 +187,8 @@ const char *cli_credentials_get_bind_dn(struct cli_credentials *cred)
 const char *cli_credentials_get_principal(struct cli_credentials *cred, TALLOC_CTX *mem_ctx)
 {
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+					cred->machine_account_pending_lp_ctx);
 	}
 
 	if (cred->principal_obtained == CRED_CALLBACK && 
@@ -276,7 +278,8 @@ bool cli_credentials_authentication_requested(struct cli_credentials *cred)
 const char *cli_credentials_get_password(struct cli_credentials *cred)
 {
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+						    cred->machine_account_pending_lp_ctx);
 	}
 
 	if (cred->password_obtained == CRED_CALLBACK && 
@@ -331,7 +334,8 @@ bool cli_credentials_set_password_callback(struct cli_credentials *cred,
 const char *cli_credentials_get_old_password(struct cli_credentials *cred)
 {
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+						    cred->machine_account_pending_lp_ctx);
 	}
 
 	return cred->old_password;
@@ -400,7 +404,8 @@ bool cli_credentials_set_nt_hash(struct cli_credentials *cred,
 const char *cli_credentials_get_domain(struct cli_credentials *cred)
 {
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+						    cred->machine_account_pending_lp_ctx);
 	}
 
 	if (cred->domain_obtained == CRED_CALLBACK && 
@@ -454,7 +459,8 @@ bool cli_credentials_set_domain_callback(struct cli_credentials *cred,
 const char *cli_credentials_get_realm(struct cli_credentials *cred)
 {	
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+						    cred->machine_account_pending_lp_ctx);
 	}
 
 	if (cred->realm_obtained == CRED_CALLBACK && 
@@ -669,7 +675,7 @@ void cli_credentials_guess(struct cli_credentials *cred,
 	}
 	
 	if (cli_credentials_get_kerberos_state(cred) != CRED_DONT_USE_KERBEROS) {
-		cli_credentials_set_ccache(cred, NULL, CRED_GUESS_FILE);
+		cli_credentials_set_ccache(cred, lp_ctx, NULL, CRED_GUESS_FILE);
 	}
 }
 
@@ -733,7 +739,8 @@ bool cli_credentials_is_anonymous(struct cli_credentials *cred)
 	const char *username;
 	
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred,
+						    cred->machine_account_pending_lp_ctx);
 	}
 
 	username = cli_credentials_get_username(cred);

source4/auth/credentials/credentials.h

@@ -104,8 +104,8 @@ struct cli_credentials {
 
 	/* We are flagged to get machine account details from the
 	 * secrets.ldb when we are asked for a username or password */
-
 	bool machine_account_pending;
+	struct loadparm_context *machine_account_pending_lp_ctx;
 	
 	/* Is this a machine account? */
 	bool machine_account;

source4/auth/credentials/credentials_files.c

@@ -305,13 +305,13 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
 	 * (chewing CPU time) from the password */
 	keytab = ldb_msg_find_attr_as_string(msgs[0], "krb5Keytab", NULL);
 	if (keytab) {
-		cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED);
+		cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
 	} else {
 		keytab = ldb_msg_find_attr_as_string(msgs[0], "privateKeytab", NULL);
 		if (keytab) {
 			keytab = talloc_asprintf(mem_ctx, "FILE:%s", private_path(mem_ctx, lp_ctx, keytab));
 			if (keytab) {
-				cli_credentials_set_keytab_name(cred, keytab, CRED_SPECIFIED);
+				cli_credentials_set_keytab_name(cred, lp_ctx, keytab, CRED_SPECIFIED);
 			}
 		}
 	}
@@ -326,7 +326,8 @@ NTSTATUS cli_credentials_set_secrets(struct cli_credentials *cred,
  * @param cred Credentials structure to fill in
  * @retval NTSTATUS error detailing any failure
  */
-NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred)
+NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred,
+					     struct loadparm_context *lp_ctx)
 {
 	char *filter;
 	/* Bleh, nasty recursion issues: We are setting a machine
@@ -335,7 +336,7 @@ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred)
 	cred->machine_account_pending = false;
 	filter = talloc_asprintf(cred, SECRETS_PRIMARY_DOMAIN_FILTER, 
 				       cli_credentials_get_domain(cred));
-	return cli_credentials_set_secrets(cred, global_loadparm, NULL, 
+	return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
 					   SECRETS_PRIMARY_DOMAIN_DN,
 					   filter);
 }
@@ -369,6 +370,7 @@ NTSTATUS cli_credentials_set_krbtgt(struct cli_credentials *cred,
  * @retval NTSTATUS error detailing any failure
  */
 NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
+					      struct loadparm_context *lp_ctx,
 					      const char *serviceprincipal)
 {
 	char *filter;
@@ -380,7 +382,7 @@ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
 				 cli_credentials_get_realm(cred),
 				 cli_credentials_get_domain(cred),
 				 serviceprincipal);
-	return cli_credentials_set_secrets(cred, global_loadparm, NULL, 
+	return cli_credentials_set_secrets(cred, lp_ctx, NULL, 
 					   SECRETS_PRINCIPALS_DN, filter);
 }
 
@@ -393,9 +395,11 @@ NTSTATUS cli_credentials_set_stored_principal(struct cli_credentials *cred,
  *       than during, popt processing.
  *
  */
-void cli_credentials_set_machine_account_pending(struct cli_credentials *cred)
+void cli_credentials_set_machine_account_pending(struct cli_credentials *cred,
+						 struct loadparm_context *lp_ctx)
 {
 	cred->machine_account_pending = true;
+	cred->machine_account_pending_lp_ctx = lp_ctx;
 }
 
 

source4/auth/credentials/credentials_krb5.c

@@ -127,6 +127,7 @@ static int free_dccache(struct ccache_container *ccc) {
 }
 
 int cli_credentials_set_ccache(struct cli_credentials *cred, 
+			       struct loadparm_context *lp_ctx,
 			       const char *name, 
 			       enum credentials_obtained obtained)
 {
@@ -142,7 +143,7 @@ int cli_credentials_set_ccache(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, 
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
 					       &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
@@ -201,6 +202,7 @@ int cli_credentials_set_ccache(struct cli_credentials *cred,
 
 
 static int cli_credentials_new_ccache(struct cli_credentials *cred, 
+				      struct loadparm_context *lp_ctx,
 				      struct ccache_container **_ccc)
 {
 	krb5_error_code ret;
@@ -218,7 +220,7 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, 
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
 					       &ccc->smb_krb5_context);
 	if (ret) {
 		talloc_free(ccc);
@@ -250,12 +252,13 @@ static int cli_credentials_new_ccache(struct cli_credentials *cred,
 }
 
 int cli_credentials_get_ccache(struct cli_credentials *cred, 
+			       struct loadparm_context *lp_ctx,
 			       struct ccache_container **ccc)
 {
 	krb5_error_code ret;
 	
 	if (cred->machine_account_pending) {
-		cli_credentials_set_machine_account(cred);
+		cli_credentials_set_machine_account(cred, lp_ctx);
 	}
 
 	if (cred->ccache_obtained >= cred->ccache_threshold && 
@@ -267,7 +270,7 @@ int cli_credentials_get_ccache(struct cli_credentials *cred,
 		return EINVAL;
 	}
 
-	ret = cli_credentials_new_ccache(cred, ccc);
+	ret = cli_credentials_new_ccache(cred, lp_ctx, ccc);
 	if (ret) {
 		return ret;
 	}
@@ -344,6 +347,7 @@ static int free_gssapi_creds(struct gssapi_creds_container *gcc)
 }
 
 int cli_credentials_get_client_gss_creds(struct cli_credentials *cred, 
+					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc) 
 {
 	int ret = 0;
@@ -355,7 +359,7 @@ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 		*_gcc = cred->client_gss_creds;
 		return 0;
 	}
-	ret = cli_credentials_get_ccache(cred, 
+	ret = cli_credentials_get_ccache(cred, lp_ctx, 
 					 &ccache);
 	if (ret) {
 		DEBUG(1, ("Failed to get CCACHE for GSSAPI client: %s\n", error_message(ret)));
@@ -397,6 +401,7 @@ int cli_credentials_get_client_gss_creds(struct cli_credentials *cred,
 */
 
 int cli_credentials_set_client_gss_creds(struct cli_credentials *cred, 
+					 struct loadparm_context *lp_ctx,
 					 gss_cred_id_t gssapi_cred,
 					 enum credentials_obtained obtained) 
 {
@@ -413,7 +418,7 @@ int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_new_ccache(cred, &ccc);
+	ret = cli_credentials_new_ccache(cred, lp_ctx, &ccc);
 	if (ret != 0) {
 		return ret;
 	}
@@ -450,6 +455,7 @@ int cli_credentials_set_client_gss_creds(struct cli_credentials *cred,
  * it will be generated from the password.
  */
 int cli_credentials_get_keytab(struct cli_credentials *cred, 
+			       struct loadparm_context *lp_ctx,
 			       struct keytab_container **_ktc)
 {
 	krb5_error_code ret;
@@ -468,7 +474,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred,
 		return EINVAL;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, 
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, 
 					       &smb_krb5_context);
 	if (ret) {
 		return ret;
@@ -503,6 +509,7 @@ int cli_credentials_get_keytab(struct cli_credentials *cred,
  * FILE:/etc/krb5.keytab), open it and attach it */
 
 int cli_credentials_set_keytab_name(struct cli_credentials *cred, 
+				    struct loadparm_context *lp_ctx,
 				    const char *keytab_name, 
 				    enum credentials_obtained obtained) 
 {
@@ -515,7 +522,7 @@ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
@@ -540,7 +547,8 @@ int cli_credentials_set_keytab_name(struct cli_credentials *cred,
 	return ret;
 }
 
-int cli_credentials_update_keytab(struct cli_credentials *cred) 
+int cli_credentials_update_keytab(struct cli_credentials *cred, 
+				  struct loadparm_context *lp_ctx) 
 {
 	krb5_error_code ret;
 	struct keytab_container *ktc;
@@ -553,7 +561,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred)
 		return ENOMEM;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -561,7 +569,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred)
 
 	enctype_strings = cli_credentials_get_enctype_strings(cred);
 	
-	ret = cli_credentials_get_keytab(cred, &ktc);
+	ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
 	if (ret != 0) {
 		talloc_free(mem_ctx);
 		return ret;
@@ -576,6 +584,7 @@ int cli_credentials_update_keytab(struct cli_credentials *cred)
 /* Get server gss credentials (in gsskrb5, this means the keytab) */
 
 int cli_credentials_get_server_gss_creds(struct cli_credentials *cred, 
+					 struct loadparm_context *lp_ctx,
 					 struct gssapi_creds_container **_gcc) 
 {
 	int ret = 0;
@@ -593,13 +602,12 @@ int cli_credentials_get_server_gss_creds(struct cli_credentials *cred,
 		return 0;
 	}
 
-	ret = cli_credentials_get_krb5_context(cred, global_loadparm, &smb_krb5_context);
+	ret = cli_credentials_get_krb5_context(cred, lp_ctx, &smb_krb5_context);
 	if (ret) {
 		return ret;
 	}
 
-	ret = cli_credentials_get_keytab(cred, 
+	ret = cli_credentials_get_keytab(cred, lp_ctx, &ktc);
-					 &ktc);
 	if (ret) {
 		DEBUG(1, ("Failed to get keytab for GSSAPI server: %s\n", error_message(ret)));
 		return ret;

source4/auth/gensec/gensec_gssapi.c

@@ -271,7 +271,7 @@ static NTSTATUS gensec_gssapi_server_start(struct gensec_security *gensec_securi
 		DEBUG(3, ("No machine account credentials specified\n"));
 		return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 	} else {
-		ret = cli_credentials_get_server_gss_creds(machine_account, &gcc);
+		ret = cli_credentials_get_server_gss_creds(machine_account, gensec_security->lp_ctx, &gcc);
 		if (ret) {
 			DEBUG(1, ("Aquiring acceptor credentials failed: %s\n", 
 				  error_message(ret)));
@@ -357,7 +357,7 @@ static NTSTATUS gensec_gssapi_client_start(struct gensec_security *gensec_securi
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	ret = cli_credentials_get_client_gss_creds(creds, &gcc);
+	ret = cli_credentials_get_client_gss_creds(creds, gensec_security->lp_ctx, &gcc);
 	switch (ret) {
 	case 0:
 		break;
@@ -1365,6 +1365,7 @@ static NTSTATUS gensec_gssapi_session_info(struct gensec_security *gensec_securi
 		cli_credentials_set_anonymous(session_info->credentials);
 		
 		ret = cli_credentials_set_client_gss_creds(session_info->credentials, 
+							   gensec_security->lp_ctx, 
 							   gensec_gssapi_state->delegated_cred_handle,
 							   CRED_SPECIFIED);
 		if (ret) {

source4/auth/gensec/gensec_krb5.c

@@ -246,7 +246,7 @@ static NTSTATUS gensec_krb5_client_start(struct gensec_security *gensec_security
 
 	principal = gensec_get_target_principal(gensec_security);
 
-	ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), &ccache_container);
+	ret = cli_credentials_get_ccache(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &ccache_container);
 	switch (ret) {
 	case 0:
 		break;
@@ -444,7 +444,7 @@ static NTSTATUS gensec_krb5_update(struct gensec_security *gensec_security,
 		}	
 
 		/* Grab the keytab, however generated */
-		ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), &keytab);
+		ret = cli_credentials_get_keytab(gensec_get_credentials(gensec_security), gensec_security->lp_ctx, &keytab);
 		if (ret) {
 			return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
 		}

source4/auth/system_session.c

@@ -196,7 +196,7 @@ static NTSTATUS _auth_system_session_info(TALLOC_CTX *parent_ctx,
 	if (anonymous_credentials) {
 		cli_credentials_set_anonymous(session_info->credentials);
 	} else {
-		cli_credentials_set_machine_account_pending(session_info->credentials);
+		cli_credentials_set_machine_account_pending(session_info->credentials, lp_ctx);
 	}
 	*_session_info = session_info;
 

source4/dsdb/samdb/ldb_modules/update_keytab.c

@@ -158,7 +158,7 @@ static int update_kt_end_trans(struct ldb_module *module)
 	struct dn_list *p;
 	for (p=data->changed_dns; p; p = p->next) {
 		int kret;
-		kret = cli_credentials_update_keytab(p->creds);
+		kret = cli_credentials_update_keytab(p->creds, ldb_get_opaque(module->ldb, "loadparm"));
 		if (kret != 0) {
 			talloc_free(data->changed_dns);
 			data->changed_dns = NULL;

source4/kdc/kpasswdd.c

@@ -474,7 +474,7 @@ bool kpasswdd_process(struct kdc_server *kdc,
 	 * we already have, rather than a new context */	
 	cli_credentials_set_krb5_context(server_credentials, kdc->smb_krb5_context);
 	cli_credentials_set_conf(server_credentials, kdc->task->lp_ctx);
-	nt_status = cli_credentials_set_stored_principal(server_credentials, "kadmin/changepw");
+	nt_status = cli_credentials_set_stored_principal(server_credentials, kdc->task->lp_ctx, "kadmin/changepw");
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		ret = kpasswdd_make_unauth_error_reply(kdc, mem_ctx, 
 						       KRB5_KPASSWD_HARDERROR,

source4/ldap_server/ldap_server.c

@@ -397,7 +397,7 @@ static void ldapsrv_accept(struct stream_connection *c)
 	}
 	
 	cli_credentials_set_conf(server_credentials, conn->lp_ctx);
-	status = cli_credentials_set_machine_account(server_credentials);
+	status = cli_credentials_set_machine_account(server_credentials, conn->lp_ctx);
 	if (!NT_STATUS_IS_OK(status)) {
 		stream_terminate_connection(c, talloc_asprintf(conn, "Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
 		return;

source4/lib/cmdline/popt_credentials.c

@@ -96,7 +96,7 @@ static void popt_common_credentials_callback(poptContext con,
 
 	case 'P':
 		/* Later, after this is all over, get the machine account details from the secrets.ldb */
-		cli_credentials_set_machine_account_pending(cmdline_credentials);
+		cli_credentials_set_machine_account_pending(cmdline_credentials, cmdline_lp_ctx);
 		break;
 
 	case OPT_KERBEROS:

source4/libnet/libnet_samdump_keytab.c

@@ -28,6 +28,7 @@
 #include "param/param.h"
 
 static NTSTATUS samdump_keytab_handle_user(TALLOC_CTX *mem_ctx,
+					   struct loadparm_context *lp_ctx,
 					    const char *keytab_name,
 					    struct netr_DELTA_ENUM *delta) 
 {
@@ -45,19 +46,19 @@ static NTSTATUS samdump_keytab_handle_user(TALLOC_CTX *mem_ctx,
 	if (!credentials) {
 		return NT_STATUS_NO_MEMORY;
 	}
-	cli_credentials_set_conf(credentials, global_loadparm);
+	cli_credentials_set_conf(credentials, lp_ctx);
 	cli_credentials_set_username(credentials, username, CRED_SPECIFIED);
 
 	/* We really should consult ldap in the main SamSync code, and
 	 * pass a value in here */
 	cli_credentials_set_kvno(credentials, 0);
 	cli_credentials_set_nt_hash(credentials, &user->ntpassword, CRED_SPECIFIED);
-	ret = cli_credentials_set_keytab_name(credentials, keytab_name, CRED_SPECIFIED);
+	ret = cli_credentials_set_keytab_name(credentials, lp_ctx, keytab_name, CRED_SPECIFIED);
 	if (ret) {
 		return NT_STATUS_UNSUCCESSFUL;
 	}
 
-	ret = cli_credentials_update_keytab(credentials);
+	ret = cli_credentials_update_keytab(credentials, lp_ctx);
 	if (ret) {
 		return NT_STATUS_UNSUCCESSFUL;
 	}
@@ -81,6 +82,7 @@ static NTSTATUS libnet_samdump_keytab_fn(TALLOC_CTX *mem_ctx,
 		/* not interested in builtin users */
 		if (database == SAM_DATABASE_DOMAIN) {
 			nt_status = samdump_keytab_handle_user(mem_ctx, 
+							       global_loadparm,
 							       keytab_name,
 							       delta);
 			break;

source4/libnet/libnet_vampire.c

@@ -186,7 +186,7 @@ NTSTATUS libnet_SamSync_netlogon(struct libnet_context *ctx, TALLOC_CTX *mem_ctx
 			return NT_STATUS_NO_MEMORY;
 		}
 		cli_credentials_set_conf(machine_account, ctx->lp_ctx);
-		nt_status = cli_credentials_set_machine_account(machine_account);
+		nt_status = cli_credentials_set_machine_account(machine_account, ctx->lp_ctx);
 		if (!NT_STATUS_IS_OK(nt_status)) {
 			r->out.error_string = talloc_strdup(mem_ctx, "Could not obtain machine account password - are we joined to the domain?");
 			talloc_free(samsync_ctx);

source4/ntvfs/cifs/vfs_cifs.c

@@ -180,7 +180,7 @@ static NTSTATUS cvfs_connect(struct ntvfs_module_context *ntvfs,
 		if (domain) {
 			cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
 		}
-		status = cli_credentials_set_machine_account(credentials);
+		status = cli_credentials_set_machine_account(credentials, ntvfs->ctx->lp_ctx);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}

source4/rpc_server/dcesrv_auth.c

@@ -73,7 +73,7 @@ bool dcesrv_auth_bind(struct dcesrv_call_state *call)
 	}
 	
 	cli_credentials_set_conf(server_credentials, call->conn->dce_ctx->lp_ctx);
-	status = cli_credentials_set_machine_account(server_credentials);
+	status = cli_credentials_set_machine_account(server_credentials, call->conn->dce_ctx->lp_ctx);
 	if (!NT_STATUS_IS_OK(status)) {
 		DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(status)));
 		talloc_free(server_credentials);

source4/rpc_server/remote/dcesrv_remote.c

@@ -89,7 +89,7 @@ static NTSTATUS remote_op_bind(struct dcesrv_call_state *dce_call, const struct
 		if (domain) {
 			cli_credentials_set_domain(credentials, domain, CRED_SPECIFIED);
 		}
-		status = cli_credentials_set_machine_account(credentials);
+		status = cli_credentials_set_machine_account(credentials, dce_call->conn->dce_ctx->lp_ctx);
 		if (!NT_STATUS_IS_OK(status)) {
 			return status;
 		}

source4/scripting/ejs/smbcalls_creds.c

@@ -192,7 +192,7 @@ static int ejs_creds_set_machine_account(MprVarHandle eid, int argc, struct MprV
 		return -1;
 	}
 	
-	if (NT_STATUS_IS_OK(cli_credentials_set_machine_account(creds))) {
+	if (NT_STATUS_IS_OK(cli_credentials_set_machine_account(creds, global_loadparm))) {
 		mpr_Return(eid, mprCreateBoolVar(true));
 	} else {
 		mpr_Return(eid, mprCreateBoolVar(false));

source4/smb_server/smb/negprot.c

@@ -375,7 +375,7 @@ static void reply_nt1(struct smbsrv_request *req, uint16_t choice)
 		}
 		
 		cli_credentials_set_conf(server_credentials, req->smb_conn->lp_ctx);
-		nt_status = cli_credentials_set_machine_account(server_credentials);
+		nt_status = cli_credentials_set_machine_account(server_credentials, req->smb_conn->lp_ctx);
 		if (!NT_STATUS_IS_OK(nt_status)) {
 			DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(nt_status)));
 			talloc_free(server_credentials);

source4/smb_server/smb2/negprot.c

@@ -55,7 +55,7 @@ static NTSTATUS smb2srv_negprot_secblob(struct smb2srv_request *req, DATA_BLOB *
 	}
 
 	cli_credentials_set_conf(server_credentials, req->smb_conn->lp_ctx);
-	nt_status = cli_credentials_set_machine_account(server_credentials);
+	nt_status = cli_credentials_set_machine_account(server_credentials, req->smb_conn->lp_ctx);
 	if (!NT_STATUS_IS_OK(nt_status)) {
 		DEBUG(10, ("Failed to obtain server credentials, perhaps a standalone server?: %s\n", nt_errstr(nt_status)));
 		talloc_free(server_credentials);

source4/utils/ntlm_auth.c

@@ -504,7 +504,7 @@ static void manage_gensec_request(enum stdio_helper_mode stdio_helper_mode,
 		switch (stdio_helper_mode) {
 		case GSS_SPNEGO_SERVER:
 		case SQUID_2_5_NTLMSSP:
-			cli_credentials_set_machine_account(creds);
+			cli_credentials_set_machine_account(creds, lp_ctx);
 			break;
 		default:
 			break;

source4/winbind/wb_init_domain.c

@@ -157,7 +157,7 @@ struct composite_context *wb_init_domain_send(TALLOC_CTX *mem_ctx,
 
 	/* Connect the machine account to the credentials */
 	state->ctx->status =
-		cli_credentials_set_machine_account(state->domain->libnet_ctx->cred);
+		cli_credentials_set_machine_account(state->domain->libnet_ctx->cred, state->domain->libnet_ctx->lp_ctx);
 	if (!NT_STATUS_IS_OK(state->ctx->status)) goto failed;
 
 	state->domain->netlogon_binding = init_domain_binding(state, &ndr_table_netlogon);