return true;
}
- /* Just get the account for the requested domain. In the future this
- * might also cover to be member of more than one domain. */
+ /* Here we are a domain member server. We can only be a member
+ of one domain so ignore the request domain and assume our own */
- pwd = secrets_fetch_machine_password(domain, &last_set_time, channel);
+ pwd = secrets_fetch_machine_password(lp_workgroup(), &last_set_time, channel);
if (pwd != NULL) {
*ret_pwd = pwd;
return NT_STATUS_NO_MEMORY;
}
- /* this is at least correct when domain is our domain,
- * which is the only case, when this is currently used: */
+ /* For now assume our machine account only exists in our domain */
+
if (machine_krb5_principal != NULL)
{
if (asprintf(machine_krb5_principal, "%s$@%s",
- account_name, domain->alt_name) == -1)
+ account_name, lp_realm()) == -1)
{
return NT_STATUS_NO_MEMORY;
}