r17871: Add an option to make the system account behave as anonymous on the

network.  This helps where we are trying to talk to an LDAP server,
until we share a common SASL authentication scheme.

Andrew Bartlett

diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 2f2a2f0b83fcb7949f4171115199260d6bb72744..7d240280832ddfdd75d0dcd48c8e3dfcc4f3e257 100644 (file)
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -607,7 +607,12 @@ NTSTATUS auth_system_session_info(TALLOC_CTX *parent_ctx,
        }
 
        cli_credentials_set_conf(session_info->credentials);
-       cli_credentials_set_machine_account_pending(session_info->credentials);
+
+       if (lp_parm_bool(-1,"system","anonymous", False)) {
+               cli_credentials_set_anonymous(session_info->credentials);
+       } else {
+               cli_credentials_set_machine_account_pending(session_info->credentials);
+       }
        *_session_info = session_info;
 
        return NT_STATUS_OK;