user_info->client.domain_name, user_info->client.account_name, user_info->workstation_name));
DEBUG(3, ("check_ntlm_password: mapped user is: [%s]\\[%s]@[%s]\n",
- user_info->domain, user_info->mapped.account_name, user_info->workstation_name));
+ user_info->mapped.domain_name, user_info->mapped.account_name, user_info->workstation_name));
if (auth_context->challenge.length != 8) {
DEBUG(0, ("check_ntlm_password: Invalid challenge stored for this auth context - cannot continue\n"));
#endif
/* This needs to be sorted: If it doesn't match, what should we do? */
- if (!check_domain_match(user_info->client.account_name, user_info->domain))
+ if (!check_domain_match(user_info->client.account_name, user_info->mapped.domain_name))
return NT_STATUS_LOGON_FAILURE;
for (auth_method = auth_context->auth_method_list;auth_method; auth_method = auth_method->next) {
NTSTATUS result;
- mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
- user_info->domain, user_info->client.account_name);
+ mem_ctx = talloc_init("%s authentication for user %s\\%s", auth_method->name,
+ user_info->mapped.domain_name, user_info->client.account_name);
result = auth_method->auth(auth_context, auth_method->private_data, mem_ctx, user_info, server_info);
* password file.
*/
- if(strequal(get_global_sam_name(), user_info->domain)) {
+ if(strequal(get_global_sam_name(), user_info->mapped.domain_name)) {
DEBUG(3,("check_ntdomain_security: Requested domain was for this machine.\n"));
return NT_STATUS_NOT_IMPLEMENTED;
}
if ( !get_dc_name(domain, NULL, dc_name, &dc_ss) ) {
DEBUG(5,("check_ntdomain_security: unable to locate a DC for domain %s\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NO_LOGON_SERVERS;
}
* Check that the requested domain is not our own machine name or domain name.
*/
- if( strequal(get_global_sam_name(), user_info->domain)) {
+ if( strequal(get_global_sam_name(), user_info->mapped.domain_name)) {
DEBUG(3,("check_trustdomain_security: Requested domain [%s] was for this machine.\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NOT_IMPLEMENTED;
}
The logic is that if we know nothing about the domain, that
user is not known to us and does not exist */
- if ( !is_trusted_domain( user_info->domain ) )
+ if ( !is_trusted_domain( user_info->mapped.domain_name ) )
return NT_STATUS_NOT_IMPLEMENTED;
/*
* No need to become_root() as secrets_init() is done at startup.
*/
- if (!pdb_get_trusteddom_pw(user_info->domain, &trust_password,
+ if (!pdb_get_trusteddom_pw(user_info->mapped.domain_name, &trust_password,
NULL, NULL)) {
DEBUG(0, ("check_trustdomain_security: could not fetch trust "
"account password for domain %s\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
#ifdef DEBUG_PASSWORD
- DEBUG(100, ("Trust password for domain %s is %s\n", user_info->domain,
+ DEBUG(100, ("Trust password for domain %s is %s\n", user_info->mapped.domain_name,
trust_password));
#endif
E_md4hash(trust_password, trust_md4_password);
/* use get_dc_name() for consistency even through we know that it will be
a netbios name */
- if ( !get_dc_name(user_info->domain, NULL, dc_name, &dc_ss) ) {
+ if ( !get_dc_name(user_info->mapped.domain_name, NULL, dc_name, &dc_ss) ) {
DEBUG(5,("check_trustdomain_security: unable to locate a DC for domain %s\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NO_LOGON_SERVERS;
}
nt_status = domain_client_validate(mem_ctx,
user_info,
- user_info->domain,
+ user_info->mapped.domain_name,
(uchar *)auth_context->challenge.data,
server_info,
dc_name,
okay:
status = make_server_info_info3(mem_ctx, user_info->client.account_name,
- user_info->domain, server_info,
+ user_info->mapped.domain_name, server_info,
info3);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("make_server_info_info3 failed: %s\n",
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
- is_local_name = is_myname(user_info->domain);
- is_my_domain = strequal(user_info->domain, lp_workgroup());
+ is_local_name = is_myname(user_info->mapped.domain_name);
+ is_my_domain = strequal(user_info->mapped.domain_name, lp_workgroup());
/* check whether or not we service this domain/workgroup name */
case ROLE_DOMAIN_MEMBER:
if ( !is_local_name ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names (%s)\n",
- user_info->domain, (lp_server_role() == ROLE_DOMAIN_MEMBER
+ user_info->mapped.domain_name, (lp_server_role() == ROLE_DOMAIN_MEMBER
? "ROLE_DOMAIN_MEMBER" : "ROLE_STANDALONE") ));
return NT_STATUS_NOT_IMPLEMENTED;
}
case ROLE_DOMAIN_BDC:
if ( !is_local_name && !is_my_domain ) {
DEBUG(6,("check_samstrict_security: %s is not one of my local names or domain name (DC)\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NOT_IMPLEMENTED;
}
default: /* name is ok */
return NT_STATUS_INVALID_PARAMETER;
}
- secret_str_len = strlen(user_info->domain) + 1 +
+ secret_str_len = strlen(user_info->mapped.domain_name) + 1 +
strlen(user_info->client.account_name) + 1 +
16 + 1 + /* 8 bytes of challenge going to 16 */
48 + 1 + /* 24 bytes of challenge going to 48 */
return NT_STATUS_NO_MEMORY;
}
- safe_strcpy( secret_str, user_info->domain, secret_str_len - 1);
+ safe_strcpy( secret_str, user_info->mapped.domain_name, secret_str_len - 1);
safe_strcat( secret_str, "\n", secret_str_len - 1);
safe_strcat( secret_str, user_info->client.account_name, secret_str_len - 1);
safe_strcat( secret_str, "\n", secret_str_len - 1);
if (ret) {
DEBUG(1,("script_check_user_credentials: failed to authenticate %s\\%s\n",
- user_info->domain, user_info->client.account_name ));
+ user_info->mapped.domain_name, user_info->client.account_name ));
/* auth failed. */
return NT_STATUS_NO_SUCH_USER;
}
sizeof(badpass),
(char *)badpass,
sizeof(badpass),
- user_info->domain))) {
+ user_info->mapped.domain_name))) {
/*
* We connected to the password server so we
/* Plaintext available */
nt_status = cli_session_setup(
cli, user_info->client.account_name,
- (char *)user_info->plaintext_password.data,
- user_info->plaintext_password.length,
- NULL, 0, user_info->domain);
+ (char *)user_info->plaintext_password.data,
+ user_info->plaintext_password.length,
+ NULL, 0, user_info->mapped.domain_name);
} else {
nt_status = cli_session_setup(
user_info->lm_resp.length,
(char *)user_info->nt_resp.data,
user_info->nt_resp.length,
- user_info->domain);
+ user_info->mapped.domain_name);
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(10, ("Check auth for: [%s]", user_info->mapped.account_name));
params.account_name = user_info->client.account_name;
- params.domain_name = user_info->domain;
+ params.domain_name = user_info->mapped.domain_name;
params.workstation_name = user_info->workstation_name;
params.flags = 0;
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
user_info->client.account_name,
- user_info->domain,
+ user_info->mapped.domain_name,
info, server_info);
wbcFreeMemory(info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NT_STATUS_INVALID_PARAMETER;
}
- if (strequal(user_info->domain, get_global_sam_name())) {
+ if (strequal(user_info->mapped.domain_name, get_global_sam_name())) {
DEBUG(3,("check_winbind_security: Not using winbind, requested domain [%s] was for this SAM.\n",
- user_info->domain));
+ user_info->mapped.domain_name));
return NT_STATUS_NOT_IMPLEMENTED;
}
/* Send off request */
params.account_name = user_info->client.account_name;
- params.domain_name = user_info->domain;
+ params.domain_name = user_info->mapped.domain_name;
params.workstation_name = user_info->workstation_name;
params.flags = 0;
nt_status = make_server_info_wbcAuthUserInfo(mem_ctx,
user_info->client.account_name,
- user_info->domain,
+ user_info->mapped.domain_name,
info, server_info);
wbcFreeMemory(info);
if (!NT_STATUS_IS_OK(nt_status)) {
return NT_STATUS_NO_MEMORY;
}
- (*user_info)->domain = SMB_STRDUP(domain);
- if ((*user_info)->domain == NULL) {
+ (*user_info)->mapped.domain_name = SMB_STRDUP(domain);
+ if ((*user_info)->mapped.domain_name == NULL) {
free_user_info(user_info);
return NT_STATUS_NO_MEMORY;
}
}
SAFE_FREE((*user_info)->client.account_name);
SAFE_FREE((*user_info)->mapped.account_name);
- SAFE_FREE((*user_info)->domain);
SAFE_FREE((*user_info)->client.domain_name);
+ SAFE_FREE((*user_info)->mapped.domain_name);
SAFE_FREE((*user_info)->workstation_name);
data_blob_free(&(*user_info)->lm_resp);
data_blob_free(&(*user_info)->nt_resp);
} client, mapped;
bool was_mapped; /* Did the username map actually match? */
- char *domain; /* domain name after mapping */
char *internal_username; /* username after mapping */
const char *workstation_name; /* workstation name (netbios calling
* name) unicode string */