*/
#include "includes.h"
-#include "../libcli/auth/libcli_auth.h"
+#include "auth.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_AUTH
{
struct auth_methods *result;
- result = TALLOC_ZERO_P(auth_context, struct auth_methods);
+ result = talloc_zero(auth_context, struct auth_methods);
if (result == NULL) {
return NT_STATUS_NO_MEMORY;
}
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
- is_local_name = is_myname(user_info->domain);
- is_my_domain = strequal(user_info->domain, lp_workgroup());
+ is_local_name = is_myname(user_info->mapped.domain_name);
+ is_my_domain = strequal(user_info->mapped.domain_name, lp_workgroup());
/* check whether or not we service this domain/workgroup name */
case ROLE_DOMAIN_MEMBER:
if ( !is_local_name ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names (%s)\n",
- user_info->domain, (lp_server_role() == ROLE_DOMAIN_MEMBER
+ user_info->mapped.domain_name, (lp_server_role() == ROLE_DOMAIN_MEMBER
? "ROLE_DOMAIN_MEMBER" : "ROLE_STANDALONE") ));
return NT_STATUS_NOT_IMPLEMENTED;
}
case ROLE_DOMAIN_BDC:
if ( !is_local_name && !is_my_domain ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names or domain name (DC)\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NOT_IMPLEMENTED;
}
default: /* name is ok */
{
struct auth_methods *result;
- result = TALLOC_ZERO_P(auth_context, struct auth_methods);
+ if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
+ && !lp_parm_bool(-1, "server role check", "inhibit", false)) {
+ DEBUG(0, ("server role = 'active directory domain controller' not compatible with running the auth_sam module. \n"));
+ DEBUGADD(0, ("You should not set 'auth methods' when running the AD DC.\n"));
+ exit(1);
+ }
+
+ result = talloc_zero(auth_context, struct auth_methods);
if (result == NULL) {
return NT_STATUS_NO_MEMORY;
}
git.samba.org / obnox / samba / samba-obnox.git / blobdiff