Try to compile as much as possible with only ldap, but not kerberos.

4 files changed, 35 insertions, 36 deletions

diff --git a/source/libads/disp_sec.c b/source/libads/disp_sec.c
index a930fd6fe09..a7b0bf6f07c 100644
--- a/source/libads/disp_sec.c
+++ b/source/libads/disp_sec.c
@@ -20,8 +20,6 @@
 
 #include "includes.h"
 
-#ifdef HAVE_ADS
-
 static struct perm_mask_str {
 	uint32  mask;
 	char   *str;
@@ -158,5 +156,4 @@ void ads_disp_sd(SEC_DESC *sd)
 	printf("-------------- End Of Security Descriptor\n");
 }
 
-#endif
 
diff --git a/source/libads/krb5_setpw.c b/source/libads/krb5_setpw.c
index a49b6cbe3b0..8079c0953fc 100644
--- a/source/libads/krb5_setpw.c
+++ b/source/libads/krb5_setpw.c
@@ -471,4 +471,35 @@ ADS_STATUS kerberos_set_password(const char *kpasswd_server,
 }
 
 
+/**
+ * Set the machine account password
+ * @param ads connection to ads server
+ * @param hostname machine whose password is being set
+ * @param password new password
+ * @return status of password change
+ **/
+ADS_STATUS ads_set_machine_password(ADS_STRUCT *ads,
+				    const char *hostname, 
+				    const char *password)
+{
+	ADS_STATUS status;
+	char *host = strdup(hostname);
+	char *principal; 
+
+	strlower(host);
+
+	/*
+	  we need to use the '$' form of the name here, as otherwise the
+	  server might end up setting the password for a user instead
+	 */
+	asprintf(&principal, "%s$@%s", host, ads->auth.realm);
+	
+	status = krb5_set_password(ads->auth.kdc_server, principal, password, ads->auth.time_offset);
+	
+	free(host);
+	free(principal);
+
+	return status;
+}
+
 #endif
diff --git a/source/libads/ldap.c b/source/libads/ldap.c
index 1004ea229c6..2133bf0719d 100644
--- a/source/libads/ldap.c
+++ b/source/libads/ldap.c
@@ -22,7 +22,7 @@
 
 #include "includes.h"
 
-#ifdef HAVE_ADS
+#ifdef HAVE_LDAP
 
 /**
  * @file ldap.c
@@ -1444,37 +1444,6 @@ ads_set_sd_error:
 }
 
 /**
- * Set the machine account password
- * @param ads connection to ads server
- * @param hostname machine whose password is being set
- * @param password new password
- * @return status of password change
- **/
-ADS_STATUS ads_set_machine_password(ADS_STRUCT *ads,
-				    const char *hostname, 
-				    const char *password)
-{
-	ADS_STATUS status;
-	char *host = strdup(hostname);
-	char *principal; 
-
-	strlower(host);
-
-	/*
-	  we need to use the '$' form of the name here, as otherwise the
-	  server might end up setting the password for a user instead
-	 */
-	asprintf(&principal, "%s$@%s", host, ads->auth.realm);
-	
-	status = krb5_set_password(ads->auth.kdc_server, principal, password, ads->auth.time_offset);
-	
-	free(host);
-	free(principal);
-
-	return status;
-}
-
-/**
  * pull the first entry from a ADS result
  * @param ads connection to ads server
  * @param res Results of search
diff --git a/source/libads/sasl.c b/source/libads/sasl.c
index f7dd01084a2..aa7d99a5f7c 100644
--- a/source/libads/sasl.c
+++ b/source/libads/sasl.c
@@ -20,7 +20,7 @@
 
 #include "includes.h"
 
-#ifdef HAVE_ADS
+#ifdef HAVE_LDAP
 
 /* 
    perform a LDAP/SASL/SPNEGO/NTLMSSP bind (just how many layers can
@@ -190,10 +190,12 @@ static ADS_STATUS ads_sasl_spnego_bind(ADS_STRUCT *ads)
 	}
 	DEBUG(3,("got principal=%s\n", principal));
 
+#ifdef HAVE_KRB5
 	if (!(ads->auth.flags & ADS_AUTH_DISABLE_KERBEROS) &&
 	    got_kerberos_mechanism && ads_kinit_password(ads) == 0) {
 		return ads_sasl_spnego_krb5_bind(ads, principal);
 	}
+#endif
 
 	/* lets do NTLMSSP ... this has the big advantage that we don't need
 	   to sync clocks, and we don't rely on special versions of the krb5