1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

Use machine account and machine password from our domain when

contacting trusted domains.
This commit is contained in:
Steven Danneman 2008-05-08 13:34:49 -07:00 committed by Gerald Carter
parent a7ad518967
commit fd0ae47046
2 changed files with 7 additions and 6 deletions

View File

@ -607,12 +607,12 @@ static NTSTATUS get_trust_creds(const struct winbindd_domain *domain,
return NT_STATUS_NO_MEMORY;
}
/* this is at least correct when domain is our domain,
* which is the only case, when this is currently used: */
/* For now assume our machine account only exists in our domain */
if (machine_krb5_principal != NULL)
{
if (asprintf(machine_krb5_principal, "%s$@%s",
account_name, domain->alt_name) == -1)
account_name, lp_realm()) == -1)
{
return NT_STATUS_NO_MEMORY;
}

View File

@ -702,10 +702,11 @@ BOOL get_trust_pw_clear(const char *domain, char **ret_pwd,
return True;
}
/* Just get the account for the requested domain. In the future this
* might also cover to be member of more than one domain. */
/* Here we are a domain member server. We can only be a member
of one domain so ignore the request domain and assume our own */
pwd = secrets_fetch_machine_password(domain, &last_set_time, channel);
pwd = secrets_fetch_machine_password(lp_workgroup(), &last_set_time,
channel);
if (pwd != NULL) {
*ret_pwd = pwd;