diff options
author | Gerald Carter <jerry@samba.org> | 2006-05-14 12:58:52 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:17:02 -0500 |
commit | b16bdf985d59dd23b18fcd36a6f39e486bafb80d (patch) | |
tree | cef607bc068712a11472463dcb4e4eac21ebd736 /source3 | |
parent | ee7b4b47cb590dc16ebdf3a40b360b0f0600aa84 (diff) | |
download | samba-b16bdf985d59dd23b18fcd36a6f39e486bafb80d.tar.gz samba-b16bdf985d59dd23b18fcd36a6f39e486bafb80d.tar.xz samba-b16bdf985d59dd23b18fcd36a6f39e486bafb80d.zip |
r15597: more ads join fixes -- we can only set the PWDNOEXP and DES_ONLY acb flags on the setuserinfo(), not the createuser info call
(This used to be commit d933ac273db5977fb41954175bdc228b688bfd6e)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/net_ads.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index b1790ea8980..90738f2031b 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -917,7 +917,7 @@ static NTSTATUS join_create_machine( TALLOC_CTX *mem_ctx, struct cli_state *cli, uint32 user_rid; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; - uint32 acb_info = ACB_WSTRUST | ACB_PWNOEXP; + uint32 acb_info = ACB_WSTRUST; uchar pwbuf[516]; SAM_USERINFO_CTR ctr; SAM_USER_INFO_24 p24; @@ -949,9 +949,7 @@ static NTSTATUS join_create_machine( TALLOC_CTX *mem_ctx, struct cli_state *cli, strlower_m(acct_name); const_acct_name = acct_name; -#ifndef ENCTYPE_ARCFOUR_HMAC - acb_info |= ACB_USE_DES_KEY_ONLY; -#endif + /* Don't try to set any acb_info flags other than ACB_WSTRUST */ status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol, acct_name, acb_info, 0xe005000b, &user_pol, &user_rid); @@ -1026,10 +1024,14 @@ static NTSTATUS join_create_machine( TALLOC_CTX *mem_ctx, struct cli_state *cli, ctr.switch_value = 16; ctr.info.id16 = &p16; - init_sam_user_info16(&p16, acb_info); + /* Fill in the additional account flags now */ - /* Ignoring the return value is necessary for joining a domain - as a normal user with "Add workstation to domain" privilege. */ + acb_info |= ACB_PWNOEXP; +#ifndef ENCTYPE_ARCFOUR_HMAC + acb_info |= ACB_USE_DES_KEY_ONLY; +#endif + + init_sam_user_info16(&p16, acb_info); status = rpccli_samr_set_userinfo2(pipe_hnd, mem_ctx, &user_pol, 16, &cli->user_session_key, &ctr); |