NTSTATUS status;
int ret;
char *princ;
+ const char *domain;
+ char *domain_with_dot;
dn = get_account_dn(pdb_get_username(sampass));
if (dn == NULL) {
return NT_STATUS_NO_MEMORY;
}
+ domain = pdb_get_domain(sampass);
+ if (domain == NULL) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ domain_with_dot = talloc_asprintf(talloc_tos(), "%s.", domain);
+ if (domain_with_dot == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", LDAP_OBJ_KRB_PRINCIPAL);
smbldap_set_mod(&mods, LDAP_MOD_ADD,
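Review bot: The new guard on `domain` rejects only NULL, so an empty string would pass and be written in the next hunk as an empty `fqdn` and as the `uid` values `""` and `"."`. Consider `if (domain == NULL || domain[0] == '\0') {` so that a trust account without a usable domain name is refused before any modification is built. Whether pdb_get_domain() can return an empty string for an unset domain is not visible here and is worth confirming. Both new early returns also sit after `dn` was obtained, so if get_account_dn() does not allocate on the talloc stack they would leak it. The function starts and ends outside this hunk.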
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "ipaHost");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
- "fqdn", "dummy.dummy.dummy");
+ "fqdn", domain);
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"objectclass", "posixAccount");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"gidNumber", "12345");
smbldap_set_mod(&mods, LDAP_MOD_ADD,
"homeDirectory", "/dev/null");
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain);
+ smbldap_set_mod(&mods, LDAP_MOD_ADD, "uid", domain_with_dot);
ret = smbldap_modify(ldap_state->smbldap_state, dn, mods);
ldap_mods_free(mods, true);
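Review bot: The two added `uid` values (`domain` and `domain_with_dot`) have no comment explaining why the account needs both the plain and the root-dotted form, so a later reader could take the second for a duplicate. A short comment above them would help, for example `/* uid is stored with and without the trailing dot; TODO state which lookup needs each form */`. These values come from the trust's domain name rather than from the account name that forms `dn`. It is therefore worth checking that a failure from smbldap_modify() caused by a clash with an existing `uid` reaches the caller; the handling of `ret` is outside this hunk.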
static NTSTATUS add_trusted_domain_user(TALLOC_CTX *mem_ctx,
const char *netbios_name,
+ const char *domain_name,
struct trustDomainPasswords auth_struct)
{
NTSTATUS status;
return NT_STATUS_UNSUCCESSFUL;
}
- if (!pdb_set_domain(sam_acct, get_global_sam_name(), PDB_SET)) {
+ if (!pdb_set_domain(sam_acct, domain_name, PDB_SET)) {
return NT_STATUS_UNSUCCESSFUL;
}
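Review bot: `domain_name` is handed to pdb_set_domain() without any check in this hunk, and the call site in the last hunk fills it from `r->in.info->domain_name.string`, i.e. from the request. That string later becomes the `fqdn` and `uid` values in the directory, so it should be rejected at the boundary when it is NULL, empty, or not a well-formed DNS domain name. A minimal guard ahead of this call would be `if (domain_name == NULL || domain_name[0] == '\0') return NT_STATUS_INVALID_PARAMETER;`. The caller may already validate it earlier, but that is not visible here. The body of add_trusted_domain_user() starts and ends outside this hunk.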
if (r->in.info->trust_direction & LSA_TRUST_DIRECTION_INBOUND) {
status = add_trusted_domain_user(p->mem_ctx,
r->in.info->netbios_name.string,
+ r->in.info->domain_name.string,
auth_struct);
if (!NT_STATUS_IS_OK(status)) {
return status;