{"stdin", 'i', POPT_ARG_NONE, &c->opt_stdin},
{"timeout", 't', POPT_ARG_INT, &c->opt_timeout},
{"machine-pass",'P', POPT_ARG_NONE, &c->opt_machine_pass},
+ {"kerberos", 'k', POPT_ARG_NONE, &c->opt_kerberos},
{"myworkgroup", 'W', POPT_ARG_STRING, &c->opt_workgroup},
{"verbose", 'v', POPT_ARG_NONE, &c->opt_verbose},
{"test", 'T', POPT_ARG_NONE, &c->opt_testmode},
const char *opt_exclude;
const char *opt_destination;
int opt_testmode;
+ bool opt_kerberos;
int opt_have_ip;
struct sockaddr_storage opt_dest_ip;
d_printf("\t-l or --long\t\t\tDisplay full information\n");
d_printf("\t-V or --version\t\t\tPrint samba version information\n");
d_printf("\t-P or --machine-pass\t\tAuthenticate as machine account\n");
- d_printf("\t-e or --encrypt\t\tEncrypt SMB transport (UNIX extended servers only)\n");
+ d_printf("\t-e or --encrypt\t\t\tEncrypt SMB transport (UNIX extended servers only)\n");
+ d_printf("\t-k or --kerberos\t\tUse kerberos (active directory) authentication\n");
return -1;
}
const char *service_type)
{
NTSTATUS nt_status;
+ int flags = 0;
c->opt_password = net_prompt_pass(c, c->opt_user_name);
- if (!c->opt_password) {
- return NT_STATUS_NO_MEMORY;
+
+ if (c->opt_kerberos) {
+ flags |= CLI_FULL_CONNECTION_USE_KERBEROS;
+ }
+
+ if (c->opt_kerberos && c->opt_password) {
+ flags |= CLI_FULL_CONNECTION_FALLBACK_AFTER_KERBEROS;
}
nt_status = cli_full_connection(cli_ctx, NULL, server_name,
server_ss, c->opt_port,
service_name, service_type,
c->opt_user_name, c->opt_workgroup,
- c->opt_password, 0, Undefined, NULL);
+ c->opt_password, flags, Undefined, NULL);
if (!NT_STATUS_IS_OK(nt_status)) {
d_fprintf(stderr, "Could not connect to server %s\n", server_name);
return NULL;
}
+ if (c->opt_kerberos && !c->opt_user_specified) {
+ return NULL;
+ }
+
asprintf(&prompt, "Enter %s's password:", user);
if (!prompt) {
return NULL;