The branch, v3-2-test has been updated
via 57368f883fb217b4196858bb2255c0eea59a8917 (commit)
via 40e8caa2d81168be3e48ececf5746d8f659a96d6 (commit)
via 8af80976a3a8dd9d02a6763e48b2c1d8003ae4dd (commit)
via 4a7acf4a2374138b20a5cdebdcc721668bbd865b (commit)
via a9b76c9e2d93c8aa482dbee54f29d7e1503abe4f (commit)
via b76250f1cf7238613658901b961d68a0da592712 (commit)
from 48f638a45525c01db9855e3ef809f08ce65da8d8 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 57368f883fb217b4196858bb2255c0eea59a8917
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:24:55 2008 +0100
Fix some indents.
Guenther
commit 40e8caa2d81168be3e48ececf5746d8f659a96d6
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:22:44 2008 +0100
Call dsgetdcname when we have no specific dc defined for joining.
Guenther
commit 8af80976a3a8dd9d02a6763e48b2c1d8003ae4dd
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:20:33 2008 +0100
Fix some error strings in libnet_join.
Guenther
commit 4a7acf4a2374138b20a5cdebdcc721668bbd865b
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:19:21 2008 +0100
Add appropriate error code when pre-creating accounts in ous isnt supported
by DC.
Guenther
commit a9b76c9e2d93c8aa482dbee54f29d7e1503abe4f
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:17:10 2008 +0100
For libnet_join error string functions, make sure not to overwrite last
status string.
Guenther
commit b76250f1cf7238613658901b961d68a0da592712
Author: Günther Deschner <[EMAIL PROTECTED]>
Date: Sat Jan 12 02:15:42 2008 +0100
Merge all ads related calls in libnet_join_post_processing_ads().
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/libnet/libnet_join.c | 144 +++++++++++++++++++++++++++++--------------
1 files changed, 97 insertions(+), 47 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/libnet/libnet_join.c b/source/libnet/libnet_join.c
index 689d8de..9b62286 100644
--- a/source/libnet/libnet_join.c
+++ b/source/libnet/libnet_join.c
@@ -30,14 +30,14 @@ static void libnet_join_set_error_string(TALLOC_CTX
*mem_ctx,
const char *format, ...)
{
va_list args;
- char *tmp = NULL;
+
+ if (r->out.error_string) {
+ return;
+ }
va_start(args, format);
- tmp = talloc_vasprintf(mem_ctx, format, args);
+ r->out.error_string = talloc_vasprintf(mem_ctx, format, args);
va_end(args);
-
- TALLOC_FREE(r->out.error_string);
- r->out.error_string = tmp;
}
/****************************************************************
@@ -48,14 +48,14 @@ static void libnet_unjoin_set_error_string(TALLOC_CTX
*mem_ctx,
const char *format, ...)
{
va_list args;
- char *tmp = NULL;
+
+ if (r->out.error_string) {
+ return;
+ }
va_start(args, format);
- tmp = talloc_vasprintf(mem_ctx, format, args);
+ r->out.error_string = talloc_vasprintf(mem_ctx, format, args);
va_end(args);
-
- TALLOC_FREE(r->out.error_string);
- r->out.error_string = tmp;
}
#ifdef WITH_ADS
@@ -457,7 +457,8 @@ static bool libnet_join_derive_salting_principal(TALLOC_CTX
*mem_ctx,
status = ads_domain_func_level(r->in.ads, &domain_func);
if (!ADS_ERR_OK(status)) {
libnet_join_set_error_string(mem_ctx, r,
- "Failed to determine domain functional level!");
+ "failed to determine domain functional level: %s",
+ ads_errstr(status));
return false;
}
@@ -491,6 +492,50 @@ static bool
libnet_join_derive_salting_principal(TALLOC_CTX *mem_ctx,
return kerberos_secrets_store_des_salt(salt);
}
+/****************************************************************
+****************************************************************/
+
+static ADS_STATUS libnet_join_post_processing_ads(TALLOC_CTX *mem_ctx,
+ struct libnet_JoinCtx *r)
+{
+ ADS_STATUS status;
+
+ status = libnet_join_set_machine_spn(mem_ctx, r);
+ if (!ADS_ERR_OK(status)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to set machine spn: %s",
+ ads_errstr(status));
+ return status;
+ }
+
+ status = libnet_join_set_os_attributes(mem_ctx, r);
+ if (!ADS_ERR_OK(status)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to set machine os attributes: %s",
+ ads_errstr(status));
+ return status;
+ }
+
+ status = libnet_join_set_machine_upn(mem_ctx, r);
+ if (!ADS_ERR_OK(status)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to set machine upn: %s",
+ ads_errstr(status));
+ return status;
+ }
+
+ if (!libnet_join_derive_salting_principal(mem_ctx, r)) {
+ return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ }
+
+ if (!libnet_join_create_keytab(mem_ctx, r)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to create kerberos keytab");
+ return ADS_ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ }
+
+ return ADS_SUCCESS;
+}
#endif /* WITH_ADS */
/****************************************************************
@@ -626,7 +671,8 @@ static NTSTATUS libnet_join_joindomain_rpc(TALLOC_CTX
*mem_ctx,
0xe005000b, &user_pol,
&user_rid);
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
- if (!(r->in.join_flags &
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) {
+ if (!(r->in.join_flags &
+ WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) {
goto done;
}
}
@@ -863,7 +909,7 @@ static WERROR do_join_modify_vals_config(struct
libnet_JoinCtx *r)
W_ERROR_NOT_OK_RETURN(werr);
werr = libnet_conf_set_global_parameter("realm",
- r->out.dns_domain_name);
+ r->out.dns_domain_name);
W_ERROR_NOT_OK_RETURN(werr);
}
@@ -1019,26 +1065,57 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
NTSTATUS status;
#ifdef WITH_ADS
ADS_STATUS ads_status;
+#endif /* WITH_ADS */
+ if (!r->in.dc_name) {
+ struct DS_DOMAIN_CONTROLLER_INFO *info;
+ status = dsgetdcname(mem_ctx,
+ NULL,
+ r->in.domain_name,
+ NULL,
+ NULL,
+ DS_DIRECTORY_SERVICE_REQUIRED |
+ DS_WRITABLE_REQUIRED |
+ DS_RETURN_DNS_NAME,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to find DC: %s",
+ nt_errstr(status));
+ return WERR_DOMAIN_CONTROLLER_NOT_FOUND;
+ }
+
+ r->in.dc_name = talloc_strdup(mem_ctx,
+ info->domain_controller_name);
+ W_ERROR_HAVE_NO_MEMORY(r->in.dc_name);
+ }
+
+#ifdef WITH_ADS
if (r->in.account_ou) {
+
ads_status = libnet_join_connect_ads(mem_ctx, r);
if (!ADS_ERR_OK(ads_status)) {
- return WERR_GENERAL_FAILURE;
+ return WERR_DEFAULT_JOIN_REQUIRED;
}
+
ads_status = libnet_join_precreate_machine_acct(mem_ctx, r);
if (!ADS_ERR_OK(ads_status)) {
libnet_join_set_error_string(mem_ctx, r,
"failed to precreate account in ou %s: %s",
r->in.account_ou,
ads_errstr(ads_status));
- return WERR_GENERAL_FAILURE;
+ return WERR_DEFAULT_JOIN_REQUIRED;
}
r->in.join_flags &= ~WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE;
}
#endif /* WITH_ADS */
+
status = libnet_join_joindomain_rpc(mem_ctx, r);
if (!NT_STATUS_IS_OK(status)) {
+ libnet_join_set_error_string(mem_ctx, r,
+ "failed to join domain over rpc: %s",
+ nt_errstr(status));
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
return WERR_SETUP_ALREADY_JOINED;
}
@@ -1050,41 +1127,14 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx,
}
#ifdef WITH_ADS
- ads_status = libnet_join_set_machine_spn(mem_ctx, r);
- if (!ADS_ERR_OK(ads_status)) {
- libnet_join_set_error_string(mem_ctx, r,
- "failed to set machine spn: %s",
- ads_errstr(ads_status));
- return WERR_GENERAL_FAILURE;
- }
-
- ads_status = libnet_join_set_os_attributes(mem_ctx, r);
- if (!ADS_ERR_OK(ads_status)) {
- libnet_join_set_error_string(mem_ctx, r,
- "failed to set machine os attributes: %s",
- ads_errstr(ads_status));
- return WERR_GENERAL_FAILURE;
- }
-
- ads_status = libnet_join_set_machine_upn(mem_ctx, r);
- if (!ADS_ERR_OK(ads_status)) {
- libnet_join_set_error_string(mem_ctx, r,
- "failed to set machine upn: %s",
- ads_errstr(ads_status));
- return WERR_GENERAL_FAILURE;
- }
-
- if (!libnet_join_derive_salting_principal(mem_ctx, r)) {
- return WERR_GENERAL_FAILURE;
+ if (r->out.domain_is_ad) {
+ ads_status = libnet_join_post_processing_ads(mem_ctx, r);
+ if (!ADS_ERR_OK(ads_status)) {
+ return WERR_GENERAL_FAILURE;
+ }
}
#endif /* WITH_ADS */
- if (!libnet_join_create_keytab(mem_ctx, r)) {
- libnet_join_set_error_string(mem_ctx, r,
- "failed to create kerberos keytab");
- return WERR_GENERAL_FAILURE;
- }
-
return WERR_OK;
}
--
Samba Shared Repository
