git.ipfire.org Git - thirdparty/samba.git/commit

author	Alexander Bokovoy <ab@samba.org>
	Tue, 3 Sep 2024 05:48:24 +0000 (08:48 +0300)
committer	Alexander Bokovoy <ab@samba.org>
	Fri, 13 Sep 2024 13:16:09 +0000 (13:16 +0000)
commit	4f577c7b6894132be4842944f2f950b087312b16
tree	57dd47e03eff7d05eb5dd23973244e6324266e16	tree
parent	12ad4832a74a6fba3fb8954a8630b900f5763f18	commit \| diff

sync machine password to keytab: handle FreeIPA use case

FreeIPA uses own procedure to retrieve keytabs and during the setup of
Samba on FreeIPA client the keytab is already present, only machine
account needs to be set in the secrets database.

'sync machine password to keytab' option handling broke this use case by
always attempting to contact a domain controller and failing to do so
(Fedora bug https://bugzilla.redhat.com/show_bug.cgi?id=2309199).

The original synchronizing machine account password to keytab feature
did not have a mechanism to disable its logic at all.

Signed-off-by: Alexander Bokovoy <ab@samba.org>
Reviewed-by: Pavel Filipenský <pfilipensky@samba.org>
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Fri Sep 13 13:16:09 UTC 2024 on atb-devel-224

docs-xml/smbdotconf/security/syncmachinepasswordtokeytab.xml		diff \| blob \| blame \| history
source3/libads/kerberos_keytab.c		diff \| blob \| blame \| history
source3/utils/net.c		diff \| blob \| blame \| history
source3/utils/testparm.c		diff \| blob \| blame \| history