}
log_authentication_event(NULL, NULL,
- user_info, nt_status,
+ &auth_context->start_time,
+ user_info,
+ nt_status,
server_info->info3->base.logon_domain.string,
server_info->info3->base.account_name.string,
unix_username, &sid);
user_info->client.account_name, user_info->mapped.account_name,
nt_errstr(nt_status), *pauthoritative));
- log_authentication_event(NULL, NULL, user_info, nt_status, NULL, NULL, NULL, NULL);
+ log_authentication_event(NULL,
+ NULL,
+ &auth_context->start_time,
+ user_info,
+ nt_status,
+ NULL,
+ NULL,
+ NULL,
+ NULL);
ZERO_STRUCTP(pserver_info);
return NT_STATUS_NO_MEMORY;
}
+ ctx->start_time = timeval_current();
+
talloc_set_destructor((TALLOC_CTX *)ctx, auth_context_destructor);
*auth_context = ctx;
/* Initialise static modules if not done so yet */
if(!initialised_static_modules) {
- static_init_auth;
+ static_init_auth(NULL);
initialised_static_modules = True;
}
Make a auth_context struct for the auth subsystem
***************************************************************************/
-static NTSTATUS make_auth_context_subsystem(TALLOC_CTX *mem_ctx,
- struct auth_context **auth_context)
+NTSTATUS make_auth3_context_for_ntlm(TALLOC_CTX *mem_ctx,
+ struct auth_context **auth_context)
{
const char *methods = NULL;
- NTSTATUS nt_status;
switch (lp_server_role()) {
case ROLE_ACTIVE_DIRECTORY_DC:
DEBUG(5,("Making default auth method list for server role = "
"'active directory domain controller'\n"));
- return make_auth_context_specific(mem_ctx, auth_context, "samba4");
- default:
+ methods = "samba4";
break;
- }
-
- if (lp_auth_methods()) {
- DEBUG(5,("Using specified auth order\n"));
- nt_status = make_auth_context_text_list(
- mem_ctx, auth_context,
- discard_const_p(char *, lp_auth_methods()));
- return nt_status;
- }
-
- switch (lp_server_role()) {
case ROLE_DOMAIN_MEMBER:
DEBUG(5,("Making default auth method list for server role = 'domain member'\n"));
- methods = "guest sam winbind:ntdomain";
+ methods = "anonymous sam winbind sam_ignoredomain";
break;
case ROLE_DOMAIN_BDC:
case ROLE_DOMAIN_PDC:
DEBUG(5,("Making default auth method list for DC\n"));
- methods = "guest sam winbind:trustdomain";
+ methods = "anonymous sam winbind sam_ignoredomain";
break;
case ROLE_STANDALONE:
DEBUG(5,("Making default auth method list for server role = 'standalone server', encrypt passwords = yes\n"));
if (lp_encrypt_passwords()) {
- methods = "guest sam";
+ methods = "anonymous sam_ignoredomain";
} else {
DEBUG(5,("Making default auth method list for server role = 'standalone server', encrypt passwords = no\n"));
- methods = "guest unix";
+ methods = "anonymous unix";
}
break;
default:
return make_auth_context_specific(mem_ctx, auth_context, methods);
}
-NTSTATUS make_auth3_context_for_ntlm(TALLOC_CTX *mem_ctx,
- struct auth_context **auth_context)
-{
- return make_auth_context_subsystem(mem_ctx, auth_context);
-}
-
NTSTATUS make_auth3_context_for_netlogon(TALLOC_CTX *mem_ctx,
struct auth_context **auth_context)
{
- return make_auth_context_subsystem(mem_ctx, auth_context);
+ const char *methods = NULL;
+
+ switch (lp_server_role()) {
+ case ROLE_DOMAIN_BDC:
+ case ROLE_DOMAIN_PDC:
+ methods = "sam_netlogon3 winbind:trustdomain";
+ break;
+
+ default:
+ DBG_ERR("Invalid server role!\n");
+ return NT_STATUS_INVALID_SERVER_STATE;
+ }
+
+ return make_auth_context_specific(mem_ctx, auth_context, methods);
}
NTSTATUS make_auth3_context_for_winbind(TALLOC_CTX *mem_ctx,