r7594: abartlet is right that this hack is not actually necessary, it just

prevents a bogus:
  GSS Update failed: Miscellaneous failure (see text): ASN.1 identifier doesn't match expected value
error on every ldap connection. I'll remove it and let the error remain until Andrew
works out a better fix.
(This used to be commit 6123eb2ecad6f53521b546f76954523fbc0fb981)

diff --git a/source4/ldap_server/ldap_bind.c b/source4/ldap_server/ldap_bind.c
index 55ce6ed24db442710cb45f7049bcc6671774fbe0..3c51dc2ba56493e85e1f8c52db184be1c000c443 100644 (file)
--- a/source4/ldap_server/ldap_bind.c
+++ b/source4/ldap_server/ldap_bind.c
@@ -74,12 +74,8 @@ static NTSTATUS ldapsrv_BindSASL(struct ldapsrv_call *call)
                gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SIGN);
                gensec_want_feature(call->conn->gensec, GENSEC_FEATURE_SEAL);
                
-               if (req->creds.SASL.secblob.length >= 7 &&
-                   strncmp(req->creds.SASL.secblob.data, "NTLMSSP", 7) == 0) {
-                       status = gensec_start_mech_by_sasl_name(call->conn->gensec, "NTLM");
-               } else {
-                       status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
-               }
+
+               status = gensec_start_mech_by_sasl_name(call->conn->gensec, req->creds.SASL.mechanism);
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(1, ("Failed to start GENSEC SASL[%s] server code: %s\n", 
                                req->creds.SASL.mechanism, nt_errstr(status)));