Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Apr 24 17:14:48 CEST 2013 on sn-devel-104
Autobuild-User(v4-0-test): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(v4-0-test): Tue Apr 30 11:16:19 CEST 2013 on sn-devel-104
}
/* Send off request */
-
params.account_name = user_info->client.account_name;
- params.domain_name = user_info->mapped.domain_name;
+ /*
+ * We need to send the domain name from the client to the DC. With
+ * NTLMv2 the domain name is part of the hashed second challenge,
+ * if we change the domain name, the DC will fail to verify the
+ * challenge cause we changed the domain name, this is like a
+ * man in the middle attack.
+ */
+ params.domain_name = user_info->client.domain_name;
params.workstation_name = user_info->workstation_name;
params.flags = 0;