{
NTSTATUS result;
uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS;
+ struct netr_Authenticator clnt_creds, srv_cred;
result = rpccli_netlogon_setup_creds(cli,
cli->desthost, /* server name */
return result;
}
+ netlogon_creds_client_step(cli->dc, &clnt_creds);
+
if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) {
- struct netr_Authenticator clnt_creds, srv_cred;
struct netr_CryptPassword new_password;
- netlogon_creds_client_step(cli->dc, &clnt_creds);
-
init_netr_CryptPassword(new_trust_pwd_cleartext,
cli->dc->sess_key,
&new_password);
&clnt_creds,
&srv_cred,
&new_password);
-
- /* Always check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
- DEBUG(0,("rpccli_netr_ServerPasswordSet2: "
- "credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet2 failed: %s\n",
+ nt_errstr(result)));
+ return result;
}
-
} else {
- struct netr_Authenticator clnt_creds, srv_cred;
struct samr_Password new_password;
- netlogon_creds_client_step(cli->dc, &clnt_creds);
-
cred_hash3(new_password.hash,
new_trust_passwd_hash,
cli->dc->sess_key, 1);
&clnt_creds,
&srv_cred,
&new_password);
-
- /* Always check returned credentials. */
- if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
- DEBUG(0,("rpccli_netr_ServerPasswordSet: "
- "credentials chain check failed\n"));
- return NT_STATUS_ACCESS_DENIED;
+ if (!NT_STATUS_IS_OK(result)) {
+ DEBUG(0,("rpccli_netr_ServerPasswordSet failed: %s\n",
+ nt_errstr(result)));
+ return result;
}
}
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0,("just_change_the_password: unable to change password (%s)!\n",
- nt_errstr(result)));
+ /* Always check returned credentials. */
+ if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) {
+ DEBUG(0,("credentials chain check failed\n"));
+ return NT_STATUS_ACCESS_DENIED;
}
+
return result;
}
git.samba.org / samba.git / commitdiff