r11206: It appears to me that any account may operate as a server.

author Andrew Bartlett <abartlet@samba.org>

Thu, 20 Oct 2005 04:56:47 +0000 (04:56 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:45:02 +0000 (13:45 -0500)
author Andrew Bartlett <abartlet@samba.org>
Thu, 20 Oct 2005 04:56:47 +0000 (04:56 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:45:02 +0000 (13:45 -0500)
diff --git a/source4/kdc/hdb-ldb.c b/source4/kdc/hdb-ldb.c

index 2f97fd6ee8c891b367394d5222612b8103bb46d1..763550106447d94478c3d79132db52a401c31d02 100644 (file)
--- a/source4/kdc/hdb-ldb.c
+++ b/source4/kdc/hdb-ldb.c
@@ -116,6 +116,9 @@ static HDBFlags uf2HDBFlags(krb5_context context, int userAccountControl, enum h
                 if (ent_type == HDB_LDB_ENT_TYPE_CLIENT || ent_type == HDB_LDB_ENT_TYPE_ANY) {
                         flags.client = 1;
                 }
+               if (ent_type == HDB_LDB_ENT_TYPE_SERVER || ent_type == HDB_LDB_ENT_TYPE_ANY) {
+                       flags.server = 1;
+               }
                 flags.invalid = 0;
         }
         
@@ -144,8 +147,9 @@ static HDBFlags uf2HDBFlags(krb5_context context, int userAccountControl, enum h
                 flags.invalid = 0;
         }
  
+       /* Not permitted to act as a client if disabled */
         if (userAccountControl & UF_ACCOUNTDISABLE) {
-               flags.invalid = 1;
+               flags.client = 0;
         }
         if (userAccountControl & UF_LOCKOUT) {
                 flags.invalid = 1;
author	Andrew Bartlett <abartlet@samba.org>
	Thu, 20 Oct 2005 04:56:47 +0000 (04:56 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:45:02 +0000 (13:45 -0500)