sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00
Code

libnet: ignore realm setting for domain security joins to AD domains if 'winbind rpc only = true'

Browse Source 
Inspired by initial patch from Matt Rogers @ RedHat.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Jun 22 05:05:47 CEST 2016 on sn-devel-144
This commit is contained in:
Michael Adam 2016-06-15 23:03:32 +02:00
parent 7720d04755
commit e29d8f108c
1 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
source3/libnet/libnet_join.c
View File

@ -2303,6 +2303,7 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
bool valid_security = false;
bool valid_workgroup = false;
bool valid_realm = false;
bool ignored_realm = false;
/* check if configuration is already set correctly */
@ -2322,11 +2323,26 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
valid_realm = strequal(lp_realm(), r->out.dns_domain_name);
switch (lp_security()) {
case SEC_DOMAIN:
if (!valid_realm && lp_winbind_rpc_only()) {
valid_realm = true;
ignored_realm = true;
}
case SEC_ADS:
valid_security = true;
}
if (valid_workgroup && valid_realm && valid_security) {
if (ignored_realm && !r->in.modify_config)
{
libnet_join_set_error_string(mem_ctx, r,
"Warning: ignoring realm when "
"joining AD domain with "
"'security=domain' and "
"'winbind rpc only = yes'. "
"(realm set to '%s', "
"should be '%s').", lp_realm(),
r->out.dns_domain_name);
}
/* nothing to be done */
return WERR_OK;
}