/* try connecting to a ldap server via DNS */
static BOOL ads_try_dns(ADS_STRUCT *ads)
{
- char *realm, *ptr;
+ const char *c_realm;
+ const char *ptr;
+ char *realm;
char *list = NULL;
pstring tok;
struct ldap_ip *ip_list;
int count, i=0;
- realm = ads->server.realm;
- if (!realm || !*realm) {
- realm = lp_realm();
+ c_realm = ads->server.realm;
+ if (!c_realm || !*c_realm) {
+ c_realm = lp_realm();
}
- if (!realm || !*realm) {
- realm = ads->server.workgroup;
+ if (!c_realm || !*c_realm) {
+ c_realm = ads->server.workgroup;
}
- if (!realm || !*realm) {
- realm = lp_workgroup();
+ if (!c_realm || !*c_realm) {
+ c_realm = lp_workgroup();
}
- if (!realm) {
+ if (!c_realm) {
return False;
}
- realm = smb_xstrdup(realm);
+ realm = smb_xstrdup(c_realm);
DEBUG(6,("ads_try_dns: looking for realm '%s'\n", realm));
if (ldap_domain2hostlist(realm, &list) != LDAP_SUCCESS) {
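Review bot: The final guard `if (!c_realm) {` only rejects NULL, while every fallback above it also treats an empty string as unset, so an empty value from the last fallback `lp_workgroup()` would reach `smb_xstrdup()` and `ldap_domain2hostlist()` as a zero-length realm. Making the last test match the others, `if (!c_realm || !*c_realm) {`, fails early instead of issuing a DNS lookup for an empty domain. The removed lines show the old code had the same gap. The function body continues past the end of this hunk, so whether the duplicated `realm` is freed on every return path cannot be checked from here.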
/* try connecting to a ldap server via netbios */
static BOOL ads_try_netbios(ADS_STRUCT *ads)
{
- struct in_addr *ip_list;
+ struct in_addr *ip_list, pdc_ip;
int count;
int i;
- char *workgroup = ads->server.workgroup;
+ const char *workgroup = ads->server.workgroup;
if (!workgroup) {
workgroup = lp_workgroup();
DEBUG(6,("ads_try_netbios: looking for workgroup '%s'\n", workgroup));
/* try the PDC first */
- if (get_dc_list(True, workgroup, &ip_list, &count)) {
- for (i=0;i<count;i++) {
- DEBUG(6,("ads_try_netbios: trying server '%s'\n",
- inet_ntoa(ip_list[i])));
- if (ads_try_connect(ads, inet_ntoa(ip_list[i]), LDAP_PORT)) {
- free(ip_list);
- return True;
- }
- }
- free(ip_list);
+ if (get_pdc_ip(workgroup, &pdc_ip)) {
+ DEBUG(6,("ads_try_netbios: trying server '%s'\n",
+ inet_ntoa(pdc_ip)));
+ if (ads_try_connect(ads, inet_ntoa(pdc_ip), LDAP_PORT))
+ return True;
}
/* now any DC, including backups */
- if (get_dc_list(False, workgroup, &ip_list, &count)) {
+ if (get_dc_list(workgroup, &ip_list, &count)) {
for (i=0;i<count;i++) {
DEBUG(6,("ads_try_netbios: trying server '%s'\n",
inet_ntoa(ip_list[i])));
if (!ads->auth.user_name) {
/* by default use the machine account */
- extern pstring global_myname;
fstring myname;
- fstrcpy(myname, global_myname);
+ fstrcpy(myname, global_myname());
strlower(myname);
asprintf(&ads->auth.user_name, "HOST/%s", myname);
}
else {
/* This would be the utf8-encoded version...*/
/* if (!(search_attrs = ads_push_strvals(ctx, attrs))) */
- if (!(str_list_copy(&search_attrs, attrs)))
- {
+ if (!(str_list_copy(&search_attrs, attrs))) {
rc = LDAP_NO_MEMORY;
goto done;
}
ADS_MODLIST mods;
const char *objectClass[] = {"top", "person", "organizationalPerson",
"user", "computer", NULL};
+ const char *servicePrincipalName[3] = {NULL, NULL, NULL};
+ char *psp;
+ unsigned acct_control;
if (!(ctx = talloc_init_named("machine_account")))
return ADS_ERROR(LDAP_NO_MEMORY);
}
new_dn = talloc_asprintf(ctx, "cn=%s,%s,%s", hostname, ou_str,
ads->config.bind_path);
+ servicePrincipalName[0] = talloc_asprintf(ctx, "HOST/%s", hostname);
+ psp = talloc_asprintf(ctx, "HOST/%s.%s",
+ hostname,
+ ads->config.realm);
+ strlower(&psp[5]);
+ servicePrincipalName[1] = psp;
+
free(ou_str);
if (!new_dn)
goto done;
if (!(samAccountName = talloc_asprintf(ctx, "%s$", hostname)))
goto done;
- if (!(controlstr = talloc_asprintf(ctx, "%u",
- UF_DONT_EXPIRE_PASSWD | UF_WORKSTATION_TRUST_ACCOUNT |
- UF_TRUSTED_FOR_DELEGATION | UF_USE_DES_KEY_ONLY)))
+
+ acct_control = UF_WORKSTATION_TRUST_ACCOUNT | UF_DONT_EXPIRE_PASSWD;
+#ifndef ENCTYPE_ARCFOUR_HMAC
+ acct_control |= UF_USE_DES_KEY_ONLY;
+#endif
+ if (!(controlstr = talloc_asprintf(ctx, "%u", acct_control)))
goto done;
if (!(mods = ads_init_mods(ctx)))
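Review bot: `psp` is passed to `strlower(&psp[5])` without a NULL check, so a failed second `talloc_asprintf()` makes the join code dereference an invalid pointer. A failed first allocation is quieter still, because a NULL in `servicePrincipalName[0]` presumably terminates the list and the machine account would be created with no SPN at all. Both results should be tested before use, and since `ou_str` is freed just below, the simplest place is the existing check: `if (!new_dn || !servicePrincipalName[0] || !psp) goto done;` followed by `strlower(&psp[5]);`. The enclosing function starts and ends outside this hunk, so this assumes `done:` performs the same cleanup as it does for the `new_dn` failure.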
ads_mod_str(ctx, &mods, "sAMAccountName", samAccountName);
ads_mod_strlist(ctx, &mods, "objectClass", objectClass);
ads_mod_str(ctx, &mods, "userPrincipalName", host_upn);
- ads_mod_str(ctx, &mods, "servicePrincipalName", host_spn);
+ ads_mod_strlist(ctx, &mods, "servicePrincipalName", servicePrincipalName);
ads_mod_str(ctx, &mods, "dNSHostName", hostname);
ads_mod_str(ctx, &mods, "userAccountControl", controlstr);
ads_mod_str(ctx, &mods, "operatingSystem", "Samba");
}
}
+struct uuid {
+ uint32 i1;
+ uint16 i2;
+ uint16 i3;
+ uint8 s[8];
+};
+
+static void dump_guid(const char *field, struct berval **values)
+{
+ int i;
+ GUID guid;
+ for (i=0; values[i]; i++) {
+ memcpy(guid.info, values[i]->bv_val, sizeof(guid.info));
+ printf("%s: %s\n", field, uuid_string_static(guid));
+ }
+}
+
/*
dump a sid result from ldap
*/
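Review bot: `dump_guid()` copies `sizeof(guid.info)` bytes out of each value without looking at `values[i]->bv_len`, so an `objectGUID` value shorter than that in a server reply makes `memcpy()` read past the end of the berval buffer. A length guard before the copy, e.g. `if (values[i]->bv_len < sizeof(guid.info)) continue;`, keeps a malformed or truncated attribute from turning into an out-of-bounds read. The new `struct uuid` is not referenced by anything in this hunk, so it could be dropped if it is unused elsewhere. `dump_guid()` would also benefit from a short header comment like the one on the SID dumper.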
BOOL string;
void (*handler)(const char *, struct berval **);
} handlers[] = {
- {"objectGUID", False, dump_binary},
+ {"objectGUID", False, dump_guid},
{"nTSecurityDescriptor", False, dump_sd},
{"dnsRecord", False, dump_binary},
{"objectSid", False, dump_sid},