r6620: the type 23 schannel bind uses a workstation name, not an account name

author Andrew Tridgell <tridge@samba.org>

Thu, 5 May 2005 11:15:24 +0000 (11:15 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:16:31 +0000 (13:16 -0500)
author Andrew Tridgell <tridge@samba.org>
Thu, 5 May 2005 11:15:24 +0000 (11:15 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:16:31 +0000 (13:16 -0500)
diff --git a/source/auth/gensec/schannel.c b/source/auth/gensec/schannel.c

index 0657de27d9148819b09276db030312fcf27be3f4..ed3e2caa2ab41366dada547067c3e7adc2fb960d 100644 (file)
--- a/source/auth/gensec/schannel.c
+++ b/source/auth/gensec/schannel.c
@@ -64,9 +64,12 @@ static NTSTATUS schannel_update(struct gensec_security *gensec_security, TALLOC_
                 /* to support this we'd need to have access to the full domain name */
                 bind_schannel.bind_type = 23;
                 bind_schannel.u.info23.domain = cli_credentials_get_domain(gensec_security->credentials);
-               bind_schannel.u.info23.account_name = cli_credentials_get_username(gensec_security->credentials);
-               bind_schannel.u.info23.dnsdomain = str_format_nbt_domain(out_mem_ctx, fulldomainname);
-               bind_schannel.u.info23.workstation = str_format_nbt_domain(out_mem_ctx, cli_credentials_get_workstation(gensec_security->credentials));
+               bind_schannel.u.info23.workstation = cli_credentials_get_workstation(gensec_security->credentials);
+               bind_schannel.u.info23.dnsdomain = cli_credentials_get_realm(gensec_security->credentials);
+               /* w2k3 refuses us if we use the full DNS workstation?
+                why? perhaps because we don't fill in the dNSHostName
+                attribute in the machine account? */
+               bind_schannel.u.info23.dnsworkstation = cli_credentials_get_workstation(gensec_security->credentials);
  #else
                 bind_schannel.bind_type = 3;
                 bind_schannel.u.info3.domain = cli_credentials_get_domain(gensec_security->credentials);
diff --git a/source/librpc/idl/schannel.idl b/source/librpc/idl/schannel.idl

index e41628fdcdd07b73f84336eb1c82c1c32170a862..8c72742f88107e9f2d607905b6452c476b69122e 100644 (file)
--- a/source/librpc/idl/schannel.idl
+++ b/source/librpc/idl/schannel.idl
@@ -20,9 +20,9 @@ interface schannel
  
         typedef struct {
                 astring domain;
-               astring account_name;
-               nbt_string dnsdomain; /* in NBT dotted format */
-               nbt_string workstation;
+               astring workstation;
+               nbt_string dnsdomain;
+               nbt_string dnsworkstation;
         } schannel_bind_23;
  
         typedef [nodiscriminant] union {
author	Andrew Tridgell <tridge@samba.org>
	Thu, 5 May 2005 11:15:24 +0000 (11:15 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:16:31 +0000 (13:16 -0500)
source/auth/gensec/schannel.c		patch \| blob \| history
source/librpc/idl/schannel.idl		patch \| blob \| history