[SCM] Samba Shared Repository - branch master updated
Günther Deschner
gd at samba.org
Wed Jun 15 18:29:02 UTC 2016
The branch, master has been updated
via 234a470 s3:libnet: accept empty realm for AD domains when only security=domain is set.
via 632faa8 s3-libnet: Print error string even on successfuly completion of libnetjoin.
via 169e8ae s3-libnetapi: Correctly check for lp_realm.
from 4c408f6 libnet_join: use sitename if it was set by pre-join detection
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 234a470f198f8f09f46aaeaf58f966faccedef18
Author: Günther Deschner <gd at samba.org>
Date: Tue May 31 18:47:34 2016 +0200
s3:libnet: accept empty realm for AD domains when only security=domain is set.
Initial patch from Matt Rogers @ RedHat.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977
Guenther
Pair-Programmed-With: Andreas Schneider <asn at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Andreas Schneider <asn at samba.org>
Autobuild-User(master): Günther Deschner <gd at samba.org>
Autobuild-Date(master): Wed Jun 15 20:28:31 CEST 2016 on sn-devel-144
commit 632faa87610b3afca3f8d3e9f3f46ee6b87f362a
Author: Günther Deschner <gd at samba.org>
Date: Wed Jun 15 16:04:29 2016 +0200
s3-libnet: Print error string even on successfuly completion of libnetjoin.
Sometimes useful information should be printed to the users.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11977
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
commit 169e8aeda5e9d851ec818b5c2543ec59c8bc0c31
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jun 15 16:05:58 2016 +0200
s3-libnetapi: Correctly check for lp_realm.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/lib/netapi/joindomain.c | 11 +++++++----
source3/libnet/libnet_join.c | 17 +++++++++++++++++
source3/utils/net_ads.c | 5 +++++
source3/utils/net_rpc.c | 10 ++++++++++
4 files changed, 39 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index 632c8c6..dc224b6 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -175,6 +175,7 @@ WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx,
const char *domain = NULL;
WERROR werr;
struct libnetapi_private_ctx *priv;
+ const char *realm = lp_realm();
priv = talloc_get_type_abort(mem_ctx->private_data,
struct libnetapi_private_ctx);
@@ -186,8 +187,8 @@ WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx,
werr = libnet_init_UnjoinCtx(mem_ctx, &u);
W_ERROR_NOT_OK_RETURN(werr);
- if (lp_realm()) {
- domain = lp_realm();
+ if (realm[0] != '\0') {
+ domain = realm;
} else {
domain = lp_workgroup();
}
@@ -352,8 +353,10 @@ WERROR NetGetJoinInformation_r(struct libnetapi_ctx *ctx,
WERROR NetGetJoinInformation_l(struct libnetapi_ctx *ctx,
struct NetGetJoinInformation *r)
{
- if ((lp_security() == SEC_ADS) && lp_realm()) {
- *r->out.name_buffer = talloc_strdup(ctx, lp_realm());
+ const char *realm = lp_realm();
+
+ if ((lp_security() == SEC_ADS) && realm[0] != '\0') {
+ *r->out.name_buffer = talloc_strdup(ctx, realm);
} else {
*r->out.name_buffer = talloc_strdup(ctx, lp_workgroup());
}
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c
index c007183..abb9cff 100644
--- a/source3/libnet/libnet_join.c
+++ b/source3/libnet/libnet_join.c
@@ -2367,9 +2367,26 @@ static WERROR libnet_join_check_config(TALLOC_CTX *mem_ctx,
W_ERROR_HAVE_NO_MEMORY(wrong_conf);
}
+ /*
+ * We should generate the warning for the special case when
+ * domain is AD, "security = domain" and the realm parameter is
+ * not set.
+ */
+ if (lp_security() == SEC_DOMAIN &&
+ r->out.domain_is_ad &&
+ !valid_realm) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "Warning: when joining AD domains with security=domain, "
+ "\"realm\" should be defined in the configuration (%s) "
+ "and configuration modification was not requested",
+ wrong_conf);
+ return WERR_OK;
+ }
+
libnet_join_set_error_string(mem_ctx, r,
"Invalid configuration (%s) and configuration modification "
"was not requested", wrong_conf);
+
return WERR_CAN_NOT_COMPLETE;
}
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index d565df1..f4c25e1 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -1599,6 +1599,11 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
r->out.netbios_domain_name);
}
+ /* print out informative error string in case there is one */
+ if (r->out.error_string != NULL) {
+ d_printf("%s\n", r->out.error_string);
+ }
+
/*
* We try doing the dns update (if it was compiled in
* and if it was not disabled on the command line).
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 93caf04..1e3e286 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -428,6 +428,11 @@ static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv)
r->out.netbios_domain_name);
}
+ /* print out informative error string in case there is one */
+ if (r->out.error_string != NULL) {
+ d_printf("%s\n", r->out.error_string);
+ }
+
TALLOC_FREE(mem_ctx);
return 0;
@@ -607,6 +612,11 @@ static int net_rpc_join_newstyle(struct net_context *c, int argc, const char **a
r->out.netbios_domain_name);
}
+ /* print out informative error string in case there is one */
+ if (r->out.error_string != NULL) {
+ d_printf("%s\n", r->out.error_string);
+ }
+
TALLOC_FREE(mem_ctx);
return 0;
--
Samba Shared Repository
More information about the samba-cvs
mailing list