Author: abartlet Date: 2007-08-28 04:35:29 +0000 (Tue, 28 Aug 2007) New Revision: 24730
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=24730 Log: Allow secrets entries to be for service principals. Andrew Bartlett Modified: branches/SAMBA_4_0/source/auth/credentials/credentials_files.c Changeset: Modified: branches/SAMBA_4_0/source/auth/credentials/credentials_files.c =================================================================== --- branches/SAMBA_4_0/source/auth/credentials/credentials_files.c 2007-08-28 04:28:02 UTC (rev 24729) +++ branches/SAMBA_4_0/source/auth/credentials/credentials_files.c 2007-08-28 04:35:29 UTC (rev 24730) @@ -188,6 +188,7 @@ "saltPrincipal", "privateKeytab", "krb5Keytab", + "servicePrincipalName", NULL }; @@ -246,12 +247,16 @@ machine_account = ldb_msg_find_attr_as_string(msgs[0], "samAccountName", NULL); if (!machine_account) { - DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s: filter: '%s' base: '%s'\n", - cli_credentials_get_domain(cred), filter, base)); - /* set anonymous as the fallback, if the machine account won't work */ - cli_credentials_set_anonymous(cred); - talloc_free(mem_ctx); - return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + machine_account = ldb_msg_find_attr_as_string(msgs[0], "servicePrincipalName", NULL); + + if (!machine_account) { + DEBUG(1, ("Could not find 'samAccountName' in join record to domain: %s: filter: '%s' base: '%s'\n", + cli_credentials_get_domain(cred), filter, base)); + /* set anonymous as the fallback, if the machine account won't work */ + cli_credentials_set_anonymous(cred); + talloc_free(mem_ctx); + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } } salt_principal = ldb_msg_find_attr_as_string(msgs[0], "saltPrincipal", NULL);