From fd477e4ff6f90568648059280cbf80f241ba3248 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Thu, 2 Mar 2023 14:46:25 +0100 Subject: [PATCH] net_ads: fill ads->auth.realm from c->creds We get the realm we use for authentication needs to the realm belonging to the username we use. We derive the username from c->creds, so we need to do the same for the realm. Otherwise we try to authenticate as the wrong user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15323 Signed-off-by: Stefan Metzmacher Reviewed-by: Andreas Schneider (cherry picked from commit 0ef53b948e13eb36b536228cccd89aa4c2adbb90) --- .../samba4.blackbox.net_ads_search_server_P | 1 - source3/utils/net_ads.c | 10 +++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) delete mode 100644 selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P diff --git a/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P b/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P deleted file mode 100644 index 7f06e3fe738..00000000000 --- a/selftest/knownfail.d/samba4.blackbox.net_ads_search_server_P +++ /dev/null @@ -1 +0,0 @@ -^samba4.blackbox.net_ads_search_server_P.trust diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 09f7f0b4a39..dd9341f3637 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -710,7 +710,15 @@ retry: TALLOC_FREE(ads); return ADS_ERROR(LDAP_NO_MEMORY); } - } + } else if (ads->auth.realm == NULL) { + const char *c_realm = cli_credentials_get_realm(c->creds); + + ads->auth.realm = talloc_strdup(ads, c_realm); + if (ads->auth.realm == NULL) { + TALLOC_FREE(ads); + return ADS_ERROR(LDAP_NO_MEMORY); + } + } status = ads_connect(ads); -- 2.47.3