[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-3592-gda6e0f4

Günther Deschner gd at samba.org
Mon Aug 11 17:57:21 GMT 2008 

The branch, v3-3-test has been updated
       via  da6e0f4f375aa533c4c765891c960070478972eb (commit)
      from  4fea49ae83510225c51c580a2bea2c664851bb39 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit da6e0f4f375aa533c4c765891c960070478972eb
Author: Günther Deschner <gd at samba.org>
Date:   Wed Jul 30 21:38:21 2008 +0200

    libnetjoin: support kerberized joining/unjoing (fix #5416).
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source/libnet/libnet_join.c |   60 +++++++++++++++++++++++++++++-------------
 source/utils/net_ads.c      |   10 +++++-
 2 files changed, 49 insertions(+), 21 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 2f2c71d..b7a15c5 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -642,6 +642,37 @@ static bool libnet_join_joindomain_store_secrets(TALLOC_CTX *mem_ctx,
 }
 
 /****************************************************************
+ Connect dc's IPC$ share
+****************************************************************/
+
+static NTSTATUS libnet_join_connect_dc_ipc(const char *dc,
+					   const char *user,
+					   const char *pass,
+					   bool use_kerberos,
+					   struct cli_state **cli)
+{
+	int flags = 0;
+
+	if (use_kerberos) {
+		flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
+	}
+
+	if (use_kerberos && pass) {
+		flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
+	}
+
+	return cli_full_connection(cli, NULL,
+				   dc,
+				   NULL, 0,
+				   "IPC$", "IPC",
+				   user,
+				   NULL,
+				   pass,
+				   flags,
+				   Undefined, NULL);
+}
+
+/****************************************************************
  Lookup domain dc's info
 ****************************************************************/
 
@@ -654,16 +685,11 @@ static NTSTATUS libnet_join_lookup_dc_rpc(TALLOC_CTX *mem_ctx,
 	NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
 	union lsa_PolicyInformation *info = NULL;
 
-	status = cli_full_connection(cli, NULL,
-				     r->in.dc_name,
-				     NULL, 0,
-				     "IPC$", "IPC",
-				     r->in.admin_account,
-				     NULL,
-				     r->in.admin_password,
-				     0,
-				     Undefined, NULL);
-
+	status = libnet_join_connect_dc_ipc(r->in.dc_name,
+					    r->in.admin_account,
+					    r->in.admin_password,
+					    r->in.use_kerberos,
+					    cli);
 	if (!NT_STATUS_IS_OK(status)) {
 		goto done;
 	}
@@ -1109,15 +1135,11 @@ static NTSTATUS libnet_join_unjoindomain_rpc(TALLOC_CTX *mem_ctx,
 	ZERO_STRUCT(domain_pol);
 	ZERO_STRUCT(user_pol);
 
-	status = cli_full_connection(&cli, NULL,
-				     r->in.dc_name,
-				     NULL, 0,
-				     "IPC$", "IPC",
-				     r->in.admin_account,
-				     NULL,
-				     r->in.admin_password,
-				     0, Undefined, NULL);
-
+	status = libnet_join_connect_dc_ipc(r->in.dc_name,
+					    r->in.admin_account,
+					    r->in.admin_password,
+					    r->in.use_kerberos,
+					    &cli);
 	if (!NT_STATUS_IS_OK(status)) {
 		goto done;
 	}
diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c
index 934ac1d..7dbe518 100644
--- a/source/utils/net_ads.c
+++ b/source/utils/net_ads.c
@@ -879,7 +879,9 @@ static int net_ads_leave(struct net_context *c, int argc, const char **argv)
 		return -1;
 	}
 
-	use_in_memory_ccache();
+	if (!c->opt_kerberos) {
+		use_in_memory_ccache();
+	}
 
 	werr = libnet_init_UnjoinCtx(ctx, &r);
 	if (!W_ERROR_IS_OK(werr)) {
@@ -888,6 +890,7 @@ static int net_ads_leave(struct net_context *c, int argc, const char **argv)
 	}
 
 	r->in.debug		= true;
+	r->in.use_kerberos	= c->opt_kerberos;
 	r->in.dc_name		= c->opt_host;
 	r->in.domain_name	= lp_realm();
 	r->in.admin_account	= c->opt_user_name;
@@ -1192,7 +1195,9 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
 		goto fail;
 	}
 
-	use_in_memory_ccache();
+	if (!c->opt_kerberos) {
+		use_in_memory_ccache();
+	}
 
 	werr = libnet_init_JoinCtx(ctx, &r);
 	if (!W_ERROR_IS_OK(werr)) {
@@ -1250,6 +1255,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
 	r->in.admin_account	= c->opt_user_name;
 	r->in.admin_password	= net_prompt_pass(c, c->opt_user_name);
 	r->in.debug		= true;
+	r->in.use_kerberos	= c->opt_kerberos;
 	r->in.modify_config	= modify_config;
 	r->in.join_flags	= WKSSVC_JOIN_FLAGS_JOIN_TYPE |
 				  WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |


-- 
Samba Shared Repository

More information about the samba-cvs mailing list