#include "idmap.h"
#include "tldap_gensec_bind.h"
#include "tldap_util.h"
-#include "secrets.h"
+#include "passdb.h"
#include "lib/param/param.h"
#include "utils/net.h"
#include "auth/gensec/gensec.h"
const char *domname,
struct tldap_context **pld)
{
- struct db_context *db_ctx;
struct netr_DsRGetDCNameInfo *dcinfo;
struct sockaddr_storage dcaddr;
struct cli_credentials *creds;
return NT_STATUS_NO_MEMORY;
}
- creds = cli_credentials_init(dcinfo);
- if (creds == NULL) {
- DBG_DEBUG("cli_credentials_init failed\n");
+ /*
+ * Here we use or own machine account as
+ * we run as domain member.
+ */
+ status = pdb_get_trust_credentials(lp_workgroup(),
+ lp_realm(),
+ dcinfo,
+ &creds);
+ if (!NT_STATUS_IS_OK(status)) {
+ DBG_DEBUG("pdb_get_trust_credentials() failed - %s\n",
+ nt_errstr(status));
TALLOC_FREE(dcinfo);
- return NT_STATUS_NO_MEMORY;
+ return status;
}
lp_ctx = loadparm_init_s3(dcinfo, loadparm_s3_helpers());
return NT_STATUS_NO_MEMORY;
}
- cli_credentials_set_conf(creds, lp_ctx);
-
- db_ctx = secrets_db_ctx();
- if (db_ctx == NULL) {
- DBG_DEBUG("Failed to open secrets.tdb.\n");
- return NT_STATUS_INTERNAL_ERROR;
- }
-
- status = cli_credentials_set_machine_account_db_ctx(creds, lp_ctx,
- db_ctx);
- if (!NT_STATUS_IS_OK(status)) {
- DBG_DEBUG("cli_credentials_set_machine_account "
- "failed: %s\n", nt_errstr(status));
- TALLOC_FREE(dcinfo);
- return status;
- }
-
rc = tldap_gensec_bind(ld, creds, "ldap", dcinfo->dc_unc, NULL, lp_ctx,
GENSEC_FEATURE_SIGN | GENSEC_FEATURE_SEAL);
if (!TLDAP_RC_IS_SUCCESS(rc)) {