mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
f3e349bebc
Salt principal for the interdomain trust is krbtgt/DOMAIN@REALM where DOMAIN is the sAMAccountName without the dollar sign ($) The salt principal for the BLA$ user object was generated wrong. dn: CN=bla.base,CN=System,DC=w4edom-l4,DC=base securityIdentifier: S-1-5-21-4053568372-2049667917-3384589010 trustDirection: 3 trustPartner: bla.base trustPosixOffset: -2147483648 trustType: 2 trustAttributes: 8 flatName: BLA dn: CN=BLA$,CN=Users,DC=w4edom-l4,DC=base userAccountControl: 2080 primaryGroupID: 513 objectSid: S-1-5-21-278041429-3399921908-1452754838-1597 accountExpires: 9223372036854775807 sAMAccountName: BLA$ sAMAccountType: 805306370 pwdLastSet: 131485652467995000 The salt stored by Windows in the package_PrimaryKerberosBlob (within supplementalCredentials) seems to be 'W4EDOM-L4.BASEkrbtgtBLA' for the above trust and Samba stores 'W4EDOM-L4.BASEBLA$'. While the salt used when building the keys from trustAuthOutgoing/trustAuthIncoming is 'W4EDOM-L4.BASEkrbtgtBLA.BASE', which we handle correct. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539 Pair-Programmed-With: Stefan Metzmacher <metze@samba.org> Signed-off-by: Alexander Bokovoy <ab@samba.org> Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Sep 5 03:57:22 CEST 2018 on sn-devel-144 |
||
---|---|---|
.. | ||
ABI | ||
account_pol.c | ||
login_cache.c | ||
lookup_sid.c | ||
lookup_sid.h | ||
machine_account_secrets.c | ||
machine_sid.c | ||
machine_sid.h | ||
passdb.c | ||
pdb_compat.c | ||
pdb_get_set.c | ||
pdb_interface.c | ||
pdb_ldap_schema.c | ||
pdb_ldap_schema.h | ||
pdb_ldap_util.c | ||
pdb_ldap_util.h | ||
pdb_ldap.c | ||
pdb_ldap.h | ||
pdb_nds.c | ||
pdb_nds.h | ||
pdb_samba_dsdb.c | ||
pdb_secrets.c | ||
pdb_secrets.h | ||
pdb_smbpasswd.c | ||
pdb_smbpasswd.h | ||
pdb_tdb.c | ||
pdb_tdb.h | ||
pdb_unixid.c | ||
pdb_util.c | ||
py_passdb.c | ||
secrets_lsa.c | ||
secrets.c | ||
wscript_build |