diff options
| -rw-r--r-- | WHATSNEW.txt | 2 | ||||
| -rw-r--r-- | source/rpc_client/cli_pipe.c | 19 | ||||
| -rw-r--r-- | source/utils/pdbedit.c | 10 |
3 files changed, 23 insertions, 8 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index 9ef2c133e74..8095d0b4d45 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -36,6 +36,8 @@ o Jeremy Allison <jra@samba.org> o Gerald (Jerry) Carter <jerry@samba.org> * Fix 'make install' problem when building outside source/. + * Fix 'net ads join' when the workgroup is set incorrectly in + smb.conf. o Guenther Deschner <gd@samba.org> diff --git a/source/rpc_client/cli_pipe.c b/source/rpc_client/cli_pipe.c index 11eb21df446..467e652ca99 100644 --- a/source/rpc_client/cli_pipe.c +++ b/source/rpc_client/cli_pipe.c @@ -2446,15 +2446,18 @@ struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, return NULL; } + /* A DC should use DOMAIN$ as its account name. + A member server can only use it's machine name since it + does not have an account in a trusted domain. + + We don't check the domain against lp_workgroup() here since + 'net ads join' has to continue to work with only the realm + specified in smb.conf. -- jerry */ + if ( IS_DC && !strequal(domain, lp_workgroup()) && lp_allow_trusted_domains()) { fstrcpy( machine_account, lp_workgroup() ); } else { - /* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */ - if (strequal(domain, lp_workgroup())) { - fstrcpy(machine_account, global_myname()); - } else { - fstrcpy(machine_account, domain); - } + fstrcpy(machine_account, global_myname()); } *perr = rpccli_netlogon_setup_creds(netlogon_pipe, @@ -2716,9 +2719,9 @@ struct rpc_pipe_client *cli_rpc_pipe_open_krb5(struct cli_state *cli, return NULL; } - /* Default service principal is "host/server@realm" */ + /* Default service principal is "desthost$@realm" */ if (!service_princ) { - service_princ = talloc_asprintf(result->mem_ctx, "host/%s@%s", + service_princ = talloc_asprintf(result->mem_ctx, "%s$@%s", cli->desthost, lp_realm() ); if (!service_princ) { cli_rpc_pipe_close(result); diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c index 7d95d15bf27..0a6fb7e8bec 100644 --- a/source/utils/pdbedit.c +++ b/source/utils/pdbedit.c @@ -628,6 +628,11 @@ static int new_machine (struct pdb_methods *in, const char *machine_in) get_global_sam_sid(); + if (strlen(machine_in) == 0) { + fprintf(stderr, "No machine name given\n"); + return -1; + } + fstrcpy(machinename, machine_in); machinename[15]= '\0'; @@ -708,6 +713,11 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename { fstring name; struct samu *samaccount = NULL; + + if (strlen(machinename) == 0) { + fprintf(stderr, "No machine name given\n"); + return -1; + } fstrcpy(name, machinename); name[15] = '\0'; |