124-sesssetup.c.diff [plain text]
--- samba/source/smbd/sesssetup.c.orig 2004/08/26 21:35:15 1.1.1.10
+++ samba/source/smbd/sesssetup.c 2005/03/03 01:28:40
@@ -154,6 +154,11 @@
uint8 tok_id[2];
DATA_BLOB nullblob = data_blob(NULL, 0);
fstring real_username;
+#ifdef WITH_OPENDIRECTORY
+ SAM_ACCOUNT *sam_pass=NULL;
+ BOOL trustaccount = False;
+ char *fullname=NULL;
+#endif
ZERO_STRUCT(ticket);
ZERO_STRUCT(auth_data);
@@ -248,18 +253,50 @@
if (!pw) {
DEBUG(1,("Username %s is invalid on this system\n",user));
+#ifdef WITH_OPENDIRECTORY
+
+ if (lp_opendirectory() && strchr_m(client, '$')) {
+ DEBUG(1,("Lookup trust account via passdb (%s)\n",user));
+ pdb_init_sam(&sam_pass);
+ trustaccount = pdb_getsampwnam(sam_pass, client);
+ if (trustaccount == True) {
+ fullname = pdb_get_fullname (sam_pass);
+ fstrcpy(real_username, fullname);
+ DEBUG(1,("trust account found via passdb fullname(%s)\n",fullname));
+ }
+ pdb_free_sam(&sam_pass);
+ }
+ if (!trustaccount) {
+#endif
SAFE_FREE(user);
SAFE_FREE(client);
data_blob_free(&ap_rep);
data_blob_free(&session_key);
return ERROR_NT(NT_STATUS_LOGON_FAILURE);
+#ifdef WITH_OPENDIRECTORY
}
+#endif
+ }
/* setup the string used by %U */
sub_set_smb_name( real_username );
+
reload_services(True);
+#ifdef WITH_OPENDIRECTORY
+ if (trustaccount && lp_opendirectory()) {
+ if (!NT_STATUS_IS_OK(ret = make_server_info_guest(&server_info)))
+ {
+ DEBUG(1,("make_server_info_guest (TRUST ACCOUNT) failed!\n"));
+ SAFE_FREE(user);
+ SAFE_FREE(client);
+ data_blob_free(&ap_rep);
+ data_blob_free(&session_key);
+ return ERROR_NT(ret);
+ }
+ } else {
+#endif
if (!NT_STATUS_IS_OK(ret = make_server_info_pw(&server_info, real_username, pw)))
{
DEBUG(1,("make_server_info_from_pw failed!\n"));
@@ -269,7 +306,9 @@
data_blob_free(&session_key);
return ERROR_NT(ret);
}
-
+#ifdef WITH_OPENDIRECTORY
+ }
+#endif
/* make_server_info_pw does not set the domain. Without this we end up
* with the local netbios name in substitutions for %D. */