auth:creds: Prefer the principal over DOMAIN/username when using NTLM

If we want to authenticate using -Wadmin@otherdomain the DC should do
take care of the authentication with the right DC for us.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13861

Pair-Programmed-With: Guenther Deschner <gd@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index 4663185c979a9f29e90258f14b6498c0afd1263c..7ef58d0752c4470670a77ab2461e300153b91c34 100644 (file)
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -1115,7 +1115,7 @@ _PUBLIC_ void cli_credentials_get_ntlm_username_domain(struct cli_credentials *c
                                              const char **username, 
                                              const char **domain) 
 {
-       if (cred->principal_obtained > cred->username_obtained) {
+       if (cred->principal_obtained >= cred->username_obtained) {
                *domain = talloc_strdup(mem_ctx, "");
                *username = cli_credentials_get_principal(cred, mem_ctx);
        } else {