ntlm_auth: Allow us to use kerberos when we are an AD DC

author Andrew Bartlett <abartlet@samba.org>

Sun, 12 Oct 2014 20:42:25 +0000 (09:42 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 17 Oct 2014 10:57:08 +0000 (12:57 +0200)
author Andrew Bartlett <abartlet@samba.org>
Sun, 12 Oct 2014 20:42:25 +0000 (09:42 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 17 Oct 2014 10:57:08 +0000 (12:57 +0200)
diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c

index f907742a2685821b25cb949831691ec6a0d17ede..6564eca422b19fd79daf377d4d60fd55f0b1942e 100644 (file)
--- a/source3/utils/ntlm_auth.c
+++ b/source3/utils/ntlm_auth.c
@@ -1111,7 +1111,7 @@ static NTSTATUS ntlm_auth_start_ntlmssp_server(TALLOC_CTX *mem_ctx,
         
         cli_credentials_set_conf(server_credentials, lp_ctx);
         
-       if (lp_security() == SEC_ADS || USE_KERBEROS_KEYTAB) {
+       if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC || lp_security() == SEC_ADS || USE_KERBEROS_KEYTAB) {
                 cli_credentials_set_kerberos_state(server_credentials, CRED_AUTO_USE_KERBEROS);
         } else {
                 cli_credentials_set_kerberos_state(server_credentials, CRED_DONT_USE_KERBEROS);
author	Andrew Bartlett <abartlet@samba.org>
	Sun, 12 Oct 2014 20:42:25 +0000 (09:42 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 17 Oct 2014 10:57:08 +0000 (12:57 +0200)