svn commit: samba r12363 - in branches/SAMBA_4_0/source: auth dsdb/samdb

[tridge at samba.org]

Author: tridge
Date: 2005-12-19 11:50:28 +0000 (Mon, 19 Dec 2005)
New Revision: 12363

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12363

Log:

minor fixes for win2000 join/login

 - the objectClass needs to be added to the list of attributes to make
   the check for objectClass=computer work

 - the short version of the name needs to be used for the 'cn' in
   cracknames

Modified:
   branches/SAMBA_4_0/source/auth/auth_sam.c
   branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c


Changeset:
Modified: branches/SAMBA_4_0/source/auth/auth_sam.c
===================================================================
--- branches/SAMBA_4_0/source/auth/auth_sam.c	2005-12-19 07:11:58 UTC (rev 12362)
+++ branches/SAMBA_4_0/source/auth/auth_sam.c	2005-12-19 11:50:28 UTC (rev 12363)
@@ -64,7 +64,8 @@
 	NULL,
 };
 
-static const char *domain_ref_attrs[] =  {"nETBIOSName", "nCName", "dnsRoot", NULL};
+static const char *domain_ref_attrs[] =  {"nETBIOSName", "nCName", 
+					  "dnsRoot", "objectClass", NULL};
 
 /****************************************************************************
  Do a specific test for an smb password being correct, given a smb_password and

Modified: branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c
===================================================================
--- branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c	2005-12-19 07:11:58 UTC (rev 12362)
+++ branches/SAMBA_4_0/source/dsdb/samdb/cracknames.c	2005-12-19 11:50:28 UTC (rev 12363)
@@ -453,11 +453,20 @@
 			krb5_free_principal(smb_krb5_context->krb5_context, principal);
 			return WERR_NOMEM;
 		}
+
 		service = principal->name.name_string.val[0];
 		if ((principal->name.name_string.len == 2) && (strcasecmp(service, "host") == 0)) {
+			/* the 'cn' attribute is just the leading part of the name */
+			char *computer_name;
+			computer_name = talloc_strndup(mem_ctx, principal->name.name_string.val[1], 
+						      strcspn(principal->name.name_string.val[1], "."));
+			if (computer_name == NULL) {
+				return WERR_NOMEM;
+			}
+
 			result_filter = talloc_asprintf(mem_ctx, "(|(&(servicePrincipalName=%s)(objectClass=user))(&(cn=%s)(objectClass=computer)))", 
 							ldb_binary_encode_string(mem_ctx, unparsed_name_short), 
-							ldb_binary_encode_string(mem_ctx, principal->name.name_string.val[1]));
+							ldb_binary_encode_string(mem_ctx, computer_name));
 		} else {
 			result_filter = talloc_asprintf(mem_ctx, "(&(servicePrincipalName=%s)(objectClass=user))",
 							ldb_binary_encode_string(mem_ctx, unparsed_name_short));