struct creds_CredentialState *netlogon_creds;
enum netr_SchannelType secure_channel_type;
+ int kvno;
/* We are flagged to get machine account details from the
* secrets.ldb when we are asked for a username or password */
"realm",
"secureChannelType",
"ntPwdHash",
+ "msDS-KeyVersionNumber",
NULL
};
cli_credentials_set_password(cred, password, CRED_SPECIFIED);
}
+ cli_credentials_set_kvno(cred, ldb_msg_find_int(msgs[0], "msDS-KeyVersionNumber", 0));
+
talloc_free(mem_ctx);
return NT_STATUS_OK;
return cred->secure_channel_type;
}
+/**
+ * Set Kerberos KVNO
+ */
+
+void cli_credentials_set_kvno(struct cli_credentials *cred,
+ int kvno)
+{
+ cred->kvno = kvno;
+}
+
+/**
+ * Return Kerberos KVNO
+ */
+
+int cli_credentials_get_kvno(struct cli_credentials *cred)
+{
+ return cred->kvno;
+}
+
/**
* Fill in a credentials structure as the anonymous user
*/
unicodePwd: ${JOINPASS}
servicePrincipalName: HOST/${DNSNAME}
servicePrincipalName: HOST/${NETBIOSNAME}
+msDS-KeyVersionNumber: 1
dn: CN=krbtgt,CN=Users,${BASEDN}
objectClass: top