auth:creds: Prefer the principal over DOMAIN/username when using NTLM
authorAndreas Schneider <asn@samba.org>
Mon, 1 Apr 2019 13:59:10 +0000 (15:59 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Tue, 2 Apr 2019 01:12:10 +0000 (01:12 +0000)
If we want to authenticate using -Wadmin@otherdomain the DC should do
take care of the authentication with the right DC for us.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861

Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
auth/credentials/credentials.c

index 4663185..7ef58d0 100644 (file)
@@ -1115,7 +1115,7 @@ _PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *c
                                              const char **username, 
                                              const char **domain) 
 {
-       if (cred->principal_obtained > cred->username_obtained) {
+       if (cred->principal_obtained >= cred->username_obtained) {
                *domain = talloc_strdup(mem_ctx, "");
                *username = cli_credentials_get_principal(cred, mem_ctx);
        } else {