[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3592-gda6e0f4
Günther Deschner
gd at samba.org
Mon Aug 11 17:57:21 GMT 2008
The branch, v3-3-test has been updated
via da6e0f4f375aa533c4c765891c960070478972eb (commit)
from 4fea49ae83510225c51c580a2bea2c664851bb39 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit da6e0f4f375aa533c4c765891c960070478972eb
Author: Günther Deschner <gd at samba.org>
Date: Wed Jul 30 21:38:21 2008 +0200
libnetjoin: support kerberized joining/unjoing (fix #5416).
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/libnet/libnet_join.c | 60 +++++++++++++++++++++++++++++-------------
source/utils/net_ads.c | 10 +++++-
2 files changed, 49 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 2f2c71d..b7a15c5 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -642,6 +642,37 @@ static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx,
}
/****************************************************************
+ Connect dc's IPC$ share
+****************************************************************/
+
+static NTSTATUS libnet_join_connect_dc_ipc(const char *dc,
+ const char *user,
+ const char *pass,
+ bool use_kerberos,
+ struct cli_state **cli)
+{
+ int flags = 0;
+
+ if (use_kerberos) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
+ }
+
+ if (use_kerberos && pass) {
+ flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+ }
+
+ return cli_full_connection(cli, NULL,
+ dc,
+ NULL, 0,
+ "IPC$", "IPC",
+ user,
+ NULL,
+ pass,
+ flags,
+ Undefined, NULL);
+}
+
+/****************************************************************
Lookup domain dc's info
****************************************************************/
@@ -654,16 +685,11 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx,
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
union lsa_PolicyInformation *info = NULL;
- status = cli_full_connection(cli, NULL,
- r->in.dc_name,
- NULL, 0,
- "IPC$", "IPC",
- r->in.admin_account,
- NULL,
- r->in.admin_password,
- 0,
- Undefined, NULL);
-
+ status = libnet_join_connect_dc_ipc(r->in.dc_name,
+ r->in.admin_account,
+ r->in.admin_password,
+ r->in.use_kerberos,
+ cli);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
@@ -1109,15 +1135,11 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
ZERO_STRUCT(domain_pol);
ZERO_STRUCT(user_pol);
- status = cli_full_connection(&cli, NULL,
- r->in.dc_name,
- NULL, 0,
- "IPC$", "IPC",
- r->in.admin_account,
- NULL,
- r->in.admin_password,
- 0, Undefined, NULL);
-
+ status = libnet_join_connect_dc_ipc(r->in.dc_name,
+ r->in.admin_account,
+ r->in.admin_password,
+ r->in.use_kerberos,
+ &cli);
if (!NT_STATUS_IS_OK(status)) {
goto done;
}
diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c
index 934ac1d..7dbe518 100644
--- a/source/utils/net_ads.c
+++ b/source/utils/net_ads.c
@@ -879,7 +879,9 @@ static int net_ads_leave(struct net_context *c, int argc, const char **argv)
return -1;
}
- use_in_memory_ccache();
+ if (!c->opt_kerberos) {
+ use_in_memory_ccache();
+ }
werr = libnet_init_UnjoinCtx(ctx, &r);
if (!W_ERROR_IS_OK(werr)) {
@@ -888,6 +890,7 @@ static int net_ads_leave(struct net_context *c, int argc, const char **argv)
}
r->in.debug = true;
+ r->in.use_kerberos = c->opt_kerberos;
r->in.dc_name = c->opt_host;
r->in.domain_name = lp_realm();
r->in.admin_account = c->opt_user_name;
@@ -1192,7 +1195,9 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
goto fail;
}
- use_in_memory_ccache();
+ if (!c->opt_kerberos) {
+ use_in_memory_ccache();
+ }
werr = libnet_init_JoinCtx(ctx, &r);
if (!W_ERROR_IS_OK(werr)) {
@@ -1250,6 +1255,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
r->in.admin_account = c->opt_user_name;
r->in.admin_password = net_prompt_pass(c, c->opt_user_name);
r->in.debug = true;
+ r->in.use_kerberos = c->opt_kerberos;
r->in.modify_config = modify_config;
r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
--
Samba Shared Repository
More information about the samba-cvs
mailing list