r10656: BIG merge from trunk. Features not copied over

[nivanova/samba-autobuild/.git] / source3 / smbd / change_trust_pw.c

diff --git a/source3/smbd/change_trust_pw.c b/source3/smbd/change_trust_pw.c
index 4993e285cac929620d451e69b16edc768c03413d..738d12151db5252a33972a60878ff3d5d82d28d5 100644 (file)
--- a/source3/smbd/change_trust_pw.c
+++ b/source3/smbd/change_trust_pw.c
@@ -33,7 +33,11 @@ NTSTATUS change_trust_account_password( const char *domain, const char *remote_m
        NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
        struct in_addr pdc_ip;
        fstring dc_name;
-       struct cli_state *cli;
+       struct cli_state *cli = NULL;
+       struct rpc_pipe_client *netlogon_pipe = NULL;
+
+       DEBUG(5,("change_trust_account_password: Attempting to change trust account password in domain %s....\n",
+               domain));
 
        if (remote_machine == NULL || !strcmp(remote_machine, "*")) {
                /* Use the PDC *only* for this */
@@ -45,22 +49,20 @@ NTSTATUS change_trust_account_password( const char *domain, const char *remote_m
 
                if ( !name_status_find( domain, 0x1b, 0x20, pdc_ip, dc_name) )
                        goto failed;
-       }
-       /* supoport old deprecated "smbpasswd -j DOMAIN -r MACHINE" behavior */
-       else {
+       } else {
+               /* supoport old deprecated "smbpasswd -j DOMAIN -r MACHINE" behavior */
                fstrcpy( dc_name, remote_machine );
        }
        
        /* if this next call fails, then give up.  We can't do
           password changes on BDC's  --jerry */
           
-       if (!NT_STATUS_IS_OK(cli_full_connection(&cli, global_myname(), remote_machine, 
+       if (!NT_STATUS_IS_OK(cli_full_connection(&cli, global_myname(), dc_name, 
                                           NULL, 0,
                                           "IPC$", "IPC",  
                                           "", "",
-                                          "", 0, NULL))) 
-       {
-               DEBUG(0,("modify_trust_password: Connection to %s failed!\n", remote_machine));
+                                          "", 0, Undefined, NULL))) {
+               DEBUG(0,("modify_trust_password: Connection to %s failed!\n", dc_name));
                nt_status = NT_STATUS_UNSUCCESSFUL;
                goto failed;
        }
@@ -70,21 +72,18 @@ NTSTATUS change_trust_account_password( const char *domain, const char *remote_m
         * Now start the NT Domain stuff :-).
         */
 
-       if(cli_nt_session_open(cli, PI_NETLOGON) == False) {
+       /* Shouldn't we open this with schannel ? JRA. */
+
+       netlogon_pipe = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &nt_status);
+       if (!netlogon_pipe) {
                DEBUG(0,("modify_trust_password: unable to open the domain client session to machine %s. Error was : %s.\n", 
-                       remote_machine, cli_errstr(cli)));
-               cli_nt_session_close(cli);
-               cli_ulogoff(cli);
+                       dc_name, nt_errstr(nt_status)));
                cli_shutdown(cli);
-               nt_status = NT_STATUS_UNSUCCESSFUL;
                goto failed;
        }
 
-       nt_status = trust_pw_find_change_and_store_it(cli, cli->mem_ctx,
-                                                     domain);
+       nt_status = trust_pw_find_change_and_store_it(netlogon_pipe, cli->mem_ctx, domain);
   
-       cli_nt_session_close(cli);
-       cli_ulogoff(cli);
        cli_shutdown(cli);
        
 failed:
@@ -92,6 +91,8 @@ failed:
                DEBUG(0,("%s : change_trust_account_password: Failed to change password for domain %s.\n", 
                        timestring(False), domain));
        }
+       else
+               DEBUG(5,("change_trust_account_password: sucess!\n"));
   
        return nt_status;
 }