r6620: the type 23 schannel bind uses a workstation name, not an account name
[samba.git] / source / auth / gensec / schannel.c
index 0657de27d9148819b09276db030312fcf27be3f4..ed3e2caa2ab41366dada547067c3e7adc2fb960d 100644 (file)
@@ -64,9 +64,12 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                /* to support this we'd need to have access to the full domain name */
                bind_schannel.bind_type = 23;
                bind_schannel.u.info23.domain = cli_credentials_get_domain(gensec_security->credentials);
-               bind_schannel.u.info23.account_name = cli_credentials_get_username(gensec_security->credentials);
-               bind_schannel.u.info23.dnsdomain = str_format_nbt_domain(out_mem_ctx, fulldomainname);
-               bind_schannel.u.info23.workstation = str_format_nbt_domain(out_mem_ctx, cli_credentials_get_workstation(gensec_security->credentials));
+               bind_schannel.u.info23.workstation = cli_credentials_get_workstation(gensec_security->credentials);
+               bind_schannel.u.info23.dnsdomain = cli_credentials_get_realm(gensec_security->credentials);
+               /* w2k3 refuses us if we use the full DNS workstation?
+                why? perhaps because we don't fill in the dNSHostName
+                attribute in the machine account? */
+               bind_schannel.u.info23.dnsworkstation = cli_credentials_get_workstation(gensec_security->credentials);
 #else
                bind_schannel.bind_type = 3;
                bind_schannel.u.info3.domain = cli_credentials_get_domain(gensec_security->credentials);