- ZERO_STRUCT(request);
- ZERO_STRUCT(response);
-
- snprintf(request.data.auth_crap.user, sizeof(request.data.auth_crap.user),
- "%s\\%s", user_info->domain.str, user_info->smb_name.str);
-
- fstrcpy(request.data.auth_crap.user, user_info->smb_name.str);
- fstrcpy(request.data.auth_crap.domain, user_info->domain.str);
-
- memcpy(request.data.auth_crap.chal, auth_context->challenge.data, sizeof(request.data.auth_crap.chal));
-
- request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length,
- sizeof(request.data.auth_crap.lm_resp));
- request.data.auth_crap.nt_resp_len = MIN(user_info->nt_resp.length,
- sizeof(request.data.auth_crap.nt_resp));
-
- memcpy(request.data.auth_crap.lm_resp, user_info->lm_resp.data,
- sizeof(request.data.auth_crap.lm_resp_len));
- memcpy(request.data.auth_crap.nt_resp, user_info->nt_resp.data,
- request.data.auth_crap.lm_resp_len);
-
- result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response);
-
- if (result == NSS_STATUS_SUCCESS) {
-
- pw = Get_Pwnam(user_info->internal_username.str);
-
- if (pw) {
- if (make_server_info_pw(server_info, pw)) {
- nt_status = NT_STATUS_OK;
- } else {
- nt_status = NT_STATUS_NO_MEMORY;
- }
- } else {
- nt_status = NT_STATUS_NO_SUCH_USER;
- }
- } else {
- nt_status = NT_STATUS_LOGON_FAILURE;
+ /* we are contacting the privileged pipe */
+ become_root();
+ wbc_status = wbcAuthenticateUserEx(¶ms, &info, &err);
+ unbecome_root();
+
+ if (!WBC_ERROR_IS_OK(wbc_status)) {
+ DEBUG(10,("check_winbind_security: wbcAuthenticateUserEx failed: %s\n",
+ wbcErrorString(wbc_status)));
+ }
+
+ if (wbc_status == WBC_ERR_NO_MEMORY) {
+ return NT_STATUS_NO_MEMORY;