[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Thu Jun 22 11:07:03 UTC 2017
The branch, master has been updated
via 73a7d15 dnsserver/common: Use cached dnsHostName to reduce database reads
via 0431dc5 dsdb: Add a samdb_dns_host_name which avoids searching
via 8c909cd pycredentials: Add support for netr_crypt_password
via 45709fd s4/dcerpc_netlogon: Logging for dcesrv_netr_LogonGetDomainInfo
via b68a337 pycredentials: add function to return the netr_Authenticator
via 7539595 lsa.String: add String constructor, str and repr
via 4cc979a Tests lsa.String: add String constructor, str and repr
from 232abcc s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around.
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 73a7d154a862340f64cdd98475d5d91c8b6018ec
Author: Garming Sam <garming at catalyst.net.nz>
Date: Mon Jun 19 15:01:56 2017 +1200
dnsserver/common: Use cached dnsHostName to reduce database reads
The code to clobber the host name appears to have caused DNS requests to use 3x as much resources
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Thu Jun 22 13:06:07 CEST 2017 on sn-devel-144
commit 0431dc5ce92cf34dba07f15eec2f6c02b696a8db
Author: Garming Sam <garming at catalyst.net.nz>
Date: Mon Jun 19 14:49:55 2017 +1200
dsdb: Add a samdb_dns_host_name which avoids searching
This ideally should also be used in rootDSE.
Signed-off-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 8c909cd7fae8c2232e5b581c66a1a6e75fa0bcdc
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Wed Jun 21 08:10:30 2017 +1200
pycredentials: Add support for netr_crypt_password
Add code to encrypt a netr_CryptPassword structure with the current
session key. This allows the making of Netr_ServerPasswordSet2 calls
from python.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 45709fdfa88f09537683ce9537fc39de4ceaf5e0
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Wed Jun 21 08:09:53 2017 +1200
s4/dcerpc_netlogon: Logging for dcesrv_netr_LogonGetDomainInfo
Log details of the remote machine when bad credentials received.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit b68a3374a56c7117aa1d9fedf56940b6a1ed1cae
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Thu Jun 15 15:55:43 2017 +1200
pycredentials: add function to return the netr_Authenticator
Add method new_client_authenticator that returns data to allow a
netr_Authenticator to be constructed.
Allows python to make netr_LogonSamLogonWithFlags,
netr_LogonGetDomainInfo and similar calls
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 7539595c4807a0396feb90b2dedb1001162dda74
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Mon May 29 16:04:14 2017 +1200
lsa.String: add String constructor, str and repr
Add a String constructor, str and repr methods to the
samba.dcerpc.lsa.String python object
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 4cc979aba71d5480b0db2dd421f0ccdc6893e693
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Thu Jun 15 07:57:23 2017 +1200
Tests lsa.String: add String constructor, str and repr
Tests for the String constructor, str and repr methods added to
the samba.dcerpc.lsa.String python object
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Garming Sam <garming at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
auth/credentials/credentials.c | 40 ++++
auth/credentials/credentials.h | 4 +
auth/credentials/pycredentials.c | 73 +++++++
librpc/idl/lsa.idl | 1 +
python/samba/tests/lsa_string.py | 79 +++++++
python/samba/tests/py_credentials.py | 285 ++++++++++++++++++++++++++
source4/dns_server/dnsserver_common.c | 24 +--
source4/dsdb/common/util.c | 47 +++++
source4/librpc/ndr/py_lsa.c | 77 +++++++
source4/rpc_server/netlogon/dcerpc_netlogon.c | 14 +-
source4/selftest/tests.py | 5 +
11 files changed, 628 insertions(+), 21 deletions(-)
create mode 100644 python/samba/tests/lsa_string.py
create mode 100644 python/samba/tests/py_credentials.py
create mode 100644 source4/librpc/ndr/py_lsa.c
Changeset truncated at 500 lines:
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index ff444e3..2342d72 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -1283,3 +1283,43 @@ _PUBLIC_ bool cli_credentials_parse_password_fd(struct cli_credentials *credenti
}
+/**
+ * Encrypt a data blob using the session key and the negotiated encryption
+ * algorithm
+ *
+ * @param state Credential state, contains the session key and algorithm
+ * @param data Data blob containing the data to be encrypted.
+ *
+ */
+_PUBLIC_ NTSTATUS netlogon_creds_session_encrypt(
+ struct netlogon_creds_CredentialState *state,
+ DATA_BLOB data)
+{
+ if (data.data == NULL || data.length == 0) {
+ DBG_ERR("Nothing to encrypt "
+ "data.data == NULL or data.length == 0");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ /*
+ * Don't crypt an all-zero password it will give away the
+ * NETLOGON pipe session key .
+ */
+ if (all_zero(data.data, data.length)) {
+ DBG_ERR("Supplied data all zeros, could leak session key");
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ if (state->negotiate_flags & NETLOGON_NEG_SUPPORTS_AES) {
+ netlogon_creds_aes_encrypt(state,
+ data.data,
+ data.length);
+ } else if (state->negotiate_flags & NETLOGON_NEG_ARCFOUR) {
+ netlogon_creds_arcfour_crypt(state,
+ data.data,
+ data.length);
+ } else {
+ DBG_ERR("Unsupported encryption option negotiated");
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+ return NT_STATUS_OK;
+}
+
diff --git a/auth/credentials/credentials.h b/auth/credentials/credentials.h
index 50f6994..e75694a 100644
--- a/auth/credentials/credentials.h
+++ b/auth/credentials/credentials.h
@@ -293,4 +293,8 @@ void *_cli_credentials_callback_data(struct cli_credentials *cred);
*/
struct netlogon_creds_CredentialState *cli_credentials_get_netlogon_creds(struct cli_credentials *cred);
+NTSTATUS netlogon_creds_session_encrypt(
+ struct netlogon_creds_CredentialState *state,
+ DATA_BLOB data);
+
#endif /* __CREDENTIALS_H__ */
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index fee9556..caf30bf 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -22,10 +22,15 @@
#include "pycredentials.h"
#include "param/param.h"
#include "lib/cmdline/credentials.h"
+#include "auth/credentials/credentials_internal.h"
#include "librpc/gen_ndr/samr.h" /* for struct samr_Password */
+#include "librpc/gen_ndr/netlogon.h"
#include "libcli/util/pyerrors.h"
+#include "libcli/auth/libcli_auth.h"
#include "param/pyparam.h"
#include <tevent.h>
+#include "libcli/auth/libcli_auth.h"
+#include "auth/credentials/credentials_internal.h"
void initcredentials(void);
@@ -584,6 +589,39 @@ static PyObject *py_creds_get_gensec_features(PyObject *self, PyObject *args)
return PyInt_FromLong(gensec_features);
}
+static PyObject *py_creds_new_client_authenticator(PyObject *self,
+ PyObject *args)
+{
+ struct netr_Authenticator auth;
+ struct cli_credentials *creds = NULL;
+ struct netlogon_creds_CredentialState *nc = NULL;
+ PyObject *ret = NULL;
+
+ creds = PyCredentials_AsCliCredentials(self);
+ if (creds == NULL) {
+ PyErr_SetString(PyExc_RuntimeError,
+ "Failed to get credentials from python");
+ return NULL;
+ }
+
+ nc = creds->netlogon_creds;
+ if (nc == NULL) {
+ PyErr_SetString(PyExc_ValueError,
+ "No netlogon credentials cannot make "
+ "client authenticator");
+ return NULL;
+ }
+
+ netlogon_creds_client_authenticator(
+ nc,
+ &auth);
+ ret = Py_BuildValue("{ss#si}",
+ "credential",
+ (const char *) &auth.cred, sizeof(auth.cred),
+ "timestamp", auth.timestamp);
+ return ret;
+}
+
static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args)
{
unsigned int channel_type;
@@ -598,6 +636,29 @@ static PyObject *py_creds_set_secure_channel_type(PyObject *self, PyObject *args
Py_RETURN_NONE;
}
+static PyObject *py_creds_encrypt_netr_crypt_password(PyObject *self,
+ PyObject *args)
+{
+ DATA_BLOB data = data_blob_null;
+ struct cli_credentials *creds = NULL;
+ struct netr_CryptPassword *pwd = NULL;
+ NTSTATUS status;
+ PyObject *py_cp = Py_None;
+
+ creds = PyCredentials_AsCliCredentials(self);
+
+ if (!PyArg_ParseTuple(args, "|O", &py_cp)) {
+ return NULL;
+ }
+ pwd = pytalloc_get_type(py_cp, struct netr_CryptPassword);
+ data.length = sizeof(struct netr_CryptPassword);
+ data.data = (uint8_t *)pwd;
+ status = netlogon_creds_session_encrypt(creds->netlogon_creds, data);
+
+ PyErr_NTSTATUS_IS_ERR_RAISE(status);
+
+ Py_RETURN_NONE;
+}
static PyMethodDef py_creds_methods[] = {
{ "get_username", py_creds_get_username, METH_NOARGS,
@@ -700,8 +761,20 @@ static PyMethodDef py_creds_methods[] = {
{ "set_forced_sasl_mech", py_creds_set_forced_sasl_mech, METH_VARARGS,
"S.set_forced_sasl_mech(name) -> None\n"
"Set forced SASL mechanism." },
+ { "new_client_authenticator",
+ py_creds_new_client_authenticator,
+ METH_NOARGS,
+ "S.new_client_authenticator() -> Authenticator\n"
+ "Get a new client NETLOGON_AUTHENTICATOR"},
{ "set_secure_channel_type", py_creds_set_secure_channel_type,
METH_VARARGS, NULL },
+ { "encrypt_netr_crypt_password",
+ py_creds_encrypt_netr_crypt_password,
+ METH_VARARGS,
+ "S.encrypt_netr_crypt_password(password) -> NTSTATUS\n"
+ "Encrypt the supplied password using the session key and\n"
+ "the negotiated encryption algorithm in place\n"
+ "i.e. it overwrites the original data"},
{ NULL }
};
diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl
index 68569db..1682dbd 100644
--- a/librpc/idl/lsa.idl
+++ b/librpc/idl/lsa.idl
@@ -9,6 +9,7 @@ import "misc.idl", "security.idl";
[ uuid("12345778-1234-abcd-ef00-0123456789ab"),
version(0.0),
endpoint("ncacn_np:[\\pipe\\lsarpc]","ncacn_np:[\\pipe\\lsass]", "ncacn_ip_tcp:", "ncalrpc:"),
+ pyhelper("librpc/ndr/py_lsa.c"),
pointer_default(unique),
helpstring("Local Security Authority")
] interface lsarpc
diff --git a/python/samba/tests/lsa_string.py b/python/samba/tests/lsa_string.py
new file mode 100644
index 0000000..130f880
--- /dev/null
+++ b/python/samba/tests/lsa_string.py
@@ -0,0 +1,79 @@
+# Tests for lsa.String helpers in source4/librpc/ndr/py_lsa.c
+#
+# Copyright (C) Catalyst IT Ltd. 2017
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+
+from samba.tests import TestCase
+from samba.dcerpc import lsa
+from samba.ndr import ndr_pack, ndr_unpack
+"""
+Tests for the C helper functions in source4/librpc/ndr/py_lsa.c
+for samba.dcerpc.lsa.String
+"""
+
+class LsaStringTests(TestCase):
+
+ def test_default_constructor(self):
+ s = lsa.String()
+ self.assertEqual(None, s.string)
+ self.assertEqual(0, s.size)
+ self.assertEqual(0, s.length)
+
+ def test_string_constructor(self):
+ CONTENT = "The content string"
+ s = lsa.String(CONTENT)
+ self.assertEqual(CONTENT, s.string)
+
+ # These should be zero, are set by ndr_pack and ndr_unpack
+ self.assertEqual(0, s.size)
+ self.assertEqual(0, s.length)
+
+ def test_string_constructor(self):
+ CONTENT = "The content string"
+ s = lsa.String(CONTENT)
+ self.assertEqual(CONTENT, s.string)
+
+ # These should be zero
+ self.assertEqual(0, s.size)
+ self.assertEqual(0, s.length)
+
+ packed = ndr_pack(s)
+ unpacked = ndr_unpack(lsa.String, packed)
+
+ # Original object should be unchanged
+ self.assertEqual(0, s.size)
+ self.assertEqual(0, s.length)
+
+ # But they should be correct in the unpacked object
+ self.assertEqual(36, unpacked.size)
+ self.assertEqual(36, unpacked.length)
+
+ def test_repr(self):
+ # test an empty string
+ self.assertEqual("lsaString(None)", repr(lsa.String()))
+ # and one with contents
+ self.assertEqual("lsaString('Hello world')",
+ repr(lsa.String("Hello world")))
+
+ def test_to_string(self):
+ # test an empty string
+ self.assertEqual("", str(lsa.String()))
+ # and one with contents
+ self.assertEqual("Hello world",
+ str(lsa.String("Hello world")))
+
+
+
diff --git a/python/samba/tests/py_credentials.py b/python/samba/tests/py_credentials.py
new file mode 100644
index 0000000..b47cf9e
--- /dev/null
+++ b/python/samba/tests/py_credentials.py
@@ -0,0 +1,285 @@
+# Integration tests for pycredentials
+#
+# Copyright (C) Catalyst IT Ltd. 2017
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+from samba.tests import TestCase, delete_force
+import os
+
+import samba
+from samba.auth import system_session
+from samba.credentials import Credentials, CLI_CRED_NTLMv2_AUTH
+from samba.dcerpc import netlogon, ntlmssp
+from samba.dcerpc.netlogon import netr_Authenticator, netr_WorkstationInformation
+from samba.dcerpc.misc import SEC_CHAN_WKSTA
+from samba.dsdb import (
+ UF_WORKSTATION_TRUST_ACCOUNT,
+ UF_PASSWD_NOTREQD,
+ UF_NORMAL_ACCOUNT)
+from samba.ndr import ndr_pack
+from samba.samdb import SamDB
+"""
+Integration tests for pycredentials
+"""
+
+MACHINE_NAME = "PCTM"
+USER_NAME = "PCTU"
+
+class PyCredentialsTests(TestCase):
+
+ def setUp(self):
+ super(PyCredentialsTests, self).setUp()
+
+ self.server = os.environ["SERVER"]
+ self.domain = os.environ["DOMAIN"]
+ self.host = os.environ["SERVER_IP"]
+ self.lp = self.get_loadparm()
+
+ self.credentials = self.get_credentials()
+
+ self.session = system_session()
+ self.ldb = SamDB(url="ldap://%s" % self.host,
+ session_info=self.session,
+ credentials=self.credentials,
+ lp=self.lp)
+
+ self.create_machine_account()
+ self.create_user_account()
+
+
+ def tearDown(self):
+ super(PyCredentialsTests, self).tearDown()
+ delete_force(self.ldb, self.machine_dn)
+ delete_force(self.ldb, self.user_dn)
+
+ # Until a successful netlogon connection has been established there will
+ # not be a valid authenticator associated with the credentials
+ # and new_client_authenticator should throw a ValueError
+ def test_no_netlogon_connection(self):
+ self.assertRaises(ValueError,
+ self.machine_creds.new_client_authenticator)
+
+ # Once a netlogon connection has been established,
+ # new_client_authenticator should return a value
+ #
+ def test_have_netlogon_connection(self):
+ c = self.get_netlogon_connection()
+ a = self.machine_creds.new_client_authenticator()
+ self.assertIsNotNone(a)
+
+ # Get an authenticator and use it on a sequence of operations requiring
+ # an authenticator
+ def test_client_authenticator(self):
+ c = self.get_netlogon_connection()
+ (authenticator, subsequent) = self.get_authenticator(c)
+ self.do_NetrLogonSamLogonWithFlags(c, authenticator, subsequent)
+ (authenticator, subsequent) = self.get_authenticator(c)
+ self.do_NetrLogonGetDomainInfo(c, authenticator, subsequent)
+ (authenticator, subsequent) = self.get_authenticator(c)
+ self.do_NetrLogonGetDomainInfo(c, authenticator, subsequent)
+ (authenticator, subsequent) = self.get_authenticator(c)
+ self.do_NetrLogonGetDomainInfo(c, authenticator, subsequent)
+
+ # Test Credentials.encrypt_netr_crypt_password
+ # By performing a NetrServerPasswordSet2
+ # And the logging on using the new password.
+ def test_encrypt_netr_password(self):
+ # Change the password
+ self.do_Netr_ServerPasswordSet2()
+ # Now use the new password to perform an operation
+ self.do_DsrEnumerateDomainTrusts()
+
+
+ # Change the current machine account pazssword with a
+ # netr_ServerPasswordSet2 call.
+
+ def do_Netr_ServerPasswordSet2(self):
+ c = self.get_netlogon_connection()
+ (authenticator, subsequent) = self.get_authenticator(c)
+ PWD_LEN = 32
+ DATA_LEN = 512
+ newpass = samba.generate_random_password(PWD_LEN, PWD_LEN)
+ filler = [ord(x) for x in os.urandom(DATA_LEN-PWD_LEN)]
+ pwd = netlogon.netr_CryptPassword()
+ pwd.length = PWD_LEN
+ pwd.data = filler + [ord(x) for x in newpass]
+ self.machine_creds.encrypt_netr_crypt_password(pwd)
+ c.netr_ServerPasswordSet2(self.server,
+ self.machine_creds.get_workstation(),
+ SEC_CHAN_WKSTA,
+ self.machine_name,
+ authenticator,
+ pwd)
+
+ self.machine_pass = newpass
+ self.machine_creds.set_password(newpass)
+
+ # Perform a DsrEnumerateDomainTrusts, this provides confirmation that
+ # a netlogon connection has been correctly established
+ def do_DsrEnumerateDomainTrusts(self):
+ c = self.get_netlogon_connection()
+ trusts = c.netr_DsrEnumerateDomainTrusts(
+ self.server,
+ netlogon.NETR_TRUST_FLAG_IN_FOREST |
+ netlogon.NETR_TRUST_FLAG_OUTBOUND |
+ netlogon.NETR_TRUST_FLAG_INBOUND)
+
+ # Establish sealed schannel netlogon connection over TCP/IP
+ #
+ def get_netlogon_connection(self):
+ return netlogon.netlogon("ncacn_ip_tcp:%s[schannel,seal]" % self.server,
+ self.lp,
+ self.machine_creds)
+
+ #
+ # Create the machine account
+ def create_machine_account(self):
+ self.machine_pass = samba.generate_random_password(32, 32)
+ self.machine_name = MACHINE_NAME
+ self.machine_dn = "cn=%s,%s" % (self.machine_name, self.ldb.domain_dn())
+
+ # remove the account if it exists, this will happen if a previous test
+ # run failed
+ delete_force(self.ldb, self.machine_dn)
+
+ utf16pw = unicode(
+ '"' + self.machine_pass.encode('utf-8') + '"', 'utf-8'
+ ).encode('utf-16-le')
+ self.ldb.add({
+ "dn": self.machine_dn,
+ "objectclass": "computer",
+ "sAMAccountName": "%s$" % self.machine_name,
+ "userAccountControl":
+ str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD),
+ "unicodePwd": utf16pw})
+
+ self.machine_creds = Credentials()
+ self.machine_creds.guess(self.get_loadparm())
+ self.machine_creds.set_secure_channel_type(SEC_CHAN_WKSTA)
+ self.machine_creds.set_password(self.machine_pass)
+ self.machine_creds.set_username(self.machine_name + "$")
+ self.machine_creds.set_workstation(self.machine_name)
+
+ #
+ # Create a test user account
+ def create_user_account(self):
+ self.user_pass = samba.generate_random_password(32, 32)
+ self.user_name = USER_NAME
+ self.user_dn = "cn=%s,%s" % (self.user_name, self.ldb.domain_dn())
+
+ # remove the account if it exists, this will happen if a previous test
+ # run failed
+ delete_force(self.ldb, self.user_dn)
+
+ utf16pw = unicode(
+ '"' + self.user_pass.encode('utf-8') + '"', 'utf-8'
+ ).encode('utf-16-le')
+ self.ldb.add({
+ "dn": self.user_dn,
+ "objectclass": "user",
+ "sAMAccountName": "%s" % self.user_name,
+ "userAccountControl": str(UF_NORMAL_ACCOUNT),
+ "unicodePwd": utf16pw})
+
+ self.user_creds = Credentials()
+ self.user_creds.guess(self.get_loadparm())
+ self.user_creds.set_password(self.user_pass)
+ self.user_creds.set_username(self.user_name)
+ self.user_creds.set_workstation(self.machine_name)
+ pass
+
+ #
+ # Get the authenticator from the machine creds.
+ def get_authenticator(self, c):
+ auth = self.machine_creds.new_client_authenticator();
+ current = netr_Authenticator()
+ current.cred.data = [ord(x) for x in auth["credential"]]
+ current.timestamp = auth["timestamp"]
+
+ subsequent = netr_Authenticator()
+ return (current, subsequent)
+
+ def do_NetrLogonSamLogonWithFlags(self, c, current, subsequent):
+ logon = samlogon_logon_info(self.domain,
+ self.machine_name,
+ self.user_creds)
+
+ logon_level = netlogon.NetlogonNetworkTransitiveInformation
+ validation_level = netlogon.NetlogonValidationSamInfo4
+ netr_flags = 0
+ c.netr_LogonSamLogonWithFlags(self.server,
+ self.user_creds.get_workstation(),
+ current,
+ subsequent,
--
Samba Shared Repository
More information about the samba-cvs
mailing list